Recently, the Network Security Threat and Vulnerability Information Sharing Platform (NVDB) of the Ministry of Industry and Information Technology of China discovered a security backdoor in the AI programming tool Claude Code, posing a serious threat.
Claude Code is an AI programming tool developed by the US company Anthropic, which can autonomously complete code writing, debugging, and other tasks based on text requirements. Due to its built-in monitoring mechanism, it can transmit sensitive information such as user location and identity to a remote server without user consent.The affected versions of Claude Code are from 2.1.91 to 2.1.196. It is recommended that relevant organizations and users conduct a comprehensive investigation immediately.[BlockBeats]