header-langage
简体中文
繁體中文
English
Tiếng Việt
한국어
日本語
ภาษาไทย
Türkçe
Scan to Download the APP

The Ministry of Industry and Information Technology of China has issued a risk warning regarding the security backdoor vulnerability of the AI programming tool Claude Code

BlockBeats News, July 8th - Recently, the Network Security Threat and Vulnerability Information Sharing Platform (NVDB) of the Ministry of Industry and Information Technology of China reported that a serious security vulnerability was found in the AI programming tool Claude Code.


Claude Code is an AI programming tool developed by the American company Anthropic, which can autonomously complete code writing, repair, and other tasks based on text requirements. Due to its built-in monitoring mechanism, it can transfer user's geographical location, identity, and other sensitive information to a remote server without user consent. The affected versions of Claude Code are from 2.1.91 to 2.1.196. It is recommended that relevant organizations and users immediately conduct a comprehensive investigation. For development terminals installed with the affected versions mentioned above, uninstall them immediately or upgrade to the latest secure version that has removed the backdoor code. Enhance control over outbound permissions of development tools in the core business network and implement traffic monitoring to prevent unauthorized external transmission of sensitive data.

举报 Correction/Report
Correction/Report
Submit
Add Library
Visible to myself only
Public
Save
Choose Library
Add Library
Cancel
Finish