China's cybersecurity authorities have raised alarm over potential security vulnerabilities in Anthropic's Claude Code, an artificial intelligence tool designed to help software developers write and debug programmes. The National Vulnerability Database, which operates under China's Ministry of Industry and Information Technology, claims the tool contains a "security backdoor" capable of transmitting user location data and identity-related information back to Anthropic's servers without authorisation, creating what officials characterise as a significant threat to data security.

Claude Code represents a sophisticated application of generative AI in the software development space, functioning as an autonomous agent that can create computer code from text descriptions, identify and fix software errors, and analyse existing code written by humans. The tool has gained traction among developers globally as organisations seek to leverage artificial intelligence for productivity gains. However, its integration into corporate environments has also prompted scrutiny from security regulators and corporate compliance teams, particularly in countries with strict data protection requirements.

Anthropc, the San Francisco-based artificial intelligence startup behind Claude, maintains active geographic restrictions on access to its products, explicitly blocking users and organisations in China and other nations it identifies as potentially adversarial. However, these restrictions prove porous in practice. Motivated users and companies in China can circumvent them through virtual private networks or third-party proxy services, creating enforcement challenges and security blind spots that regulators find concerning.

The NVDB's warning, published on its official website, recommended that all institutions and users immediately conduct comprehensive security audits of their Claude Code deployments. The database further advised prompt removal of the tool or upgrading to a corrected version from which the problematic code has allegedly been eliminated. Such recommendations typically carry significant weight within Chinese corporate and government sectors, where compliance with official cybersecurity guidance is expected and monitored. The advisory additionally urged organisations to strengthen monitoring of outbound network traffic to detect and prevent unauthorised transmission of sensitive information.

The controversy has gained immediate practical consequences in China's technology sector. Alibaba, the country's dominant e-commerce and cloud computing conglomerate, instructed its employees to cease using Claude Code effective July 10, citing security concerns related to the alleged vulnerabilities. According to sources familiar with Alibaba's internal decisions, the ban represents a significant move by one of China's largest technology employers and signals broader industry wariness about integrating the tool into critical workflows.

Underlying the current dispute is a history of tension between Anthropic and Chinese technology companies over artificial intelligence development practices. Anthropic has previously alleged that Alibaba engaged in "distillation," a technique whereby machine learning models are reverse-engineered to replicate their capabilities and performance characteristics. Such accusations reflect broader anxieties within Western AI companies about intellectual property protection and the competitive dynamics of artificial intelligence advancement in China.

Thariq Shihipar, an engineer at Claude Code, offered a different account of the data collection practices in a post on the social media platform X last week. Rather than characterising the functionality as a security backdoor, Shihipar described it as an experimental measure initiated in March specifically designed to prevent account abuse originating from unauthorised resellers and to protect against the kind of model distillation that Anthropic associates with competitors like Alibaba. This framing recontextualises the data transmission as a defensive mechanism rather than a predatory practice.

According to Shihipar's statement, Anthropic's engineering team has since developed more robust countermeasures against account abuse and distillation, rendering the original data collection method obsolete. The company indicated that the team had intended to remove this experimental feature for some time but had not prioritised its deactivation until the recent public controversy. Shihipar announced that the problematic functionality would be fully disabled in the July 2 release of the tool, suggesting the company views the matter as largely closed from its perspective.

For Malaysian technology professionals and businesses, this dispute carries relevance across multiple dimensions. First, it highlights the increasingly fraught geopolitical context in which AI tools operate, with security concerns interwoven with trade tensions and competitive dynamics. Second, it raises practical questions for Malaysian companies evaluating AI tools for deployment, particularly those with operations or data flows involving China or that themselves develop AI systems potentially vulnerable to distillation. Third, it underscores the importance of rigorous security audits and data governance protocols when adopting foreign AI platforms, especially those restricted in certain jurisdictions.

The incident also illuminates the emerging role of national cybersecurity databases and government technical authorities as flashpoints in AI governance debates. China's approach to flagging vulnerabilities, combined with enforcement mechanisms like Alibaba's internal ban, contrasts sharply with Western regulatory models and reflects divergent philosophies about state involvement in technological risk management. Southeast Asian regulators and companies must navigate these competing frameworks as they develop their own AI governance architectures.

Anthropc has not publicly responded to requests for comment regarding China's allegations, leaving significant questions unanswered about the company's internal assessments of the vulnerabilities identified and the timeline for comprehensive remediation across all user instances globally. The silence may reflect legal caution, but it also leaves ambiguity about whether the company considers the concerns legitimate technical issues or geopolitical posturing. This uncertainty itself poses risks for businesses considering Claude Code adoption, particularly those prioritising transparency and thorough vendor accountability in their supply chains.