Original briefings. Zero spin.
Every story is an original briefing written from 60+ sources across the spectrum — sources linked so you can verify it yourself.
China Flags Security Vulnerability in Anthropic's Claude Code as U.S. Lawmakers Probe Chinese AI Adoption

Since Beijing signaled it was weighing restrictions on overseas access to Chinese AI models last week, the U.S.-China AI dispute has escalated further in the days since.
China's Warning About Claude Code
China's Ministry of Industry and Information Technology said Wednesday that its cybersecurity threat platform identified a "security back-door vulnerability" in Anthropic's Claude Code autonomous coding tool, according to CNBC. The ministry said the tool can send sensitive information, including a user's location and identity, to a remote server without the user's knowledge or consent.
The affected versions are 2.1.91 through 2.1.196, covering releases from April 2 to June 29. Anthropic's website lists version 2.1.204 as the current release as of Wednesday, July 8. The ministry told users to uninstall or upgrade away from the flagged versions.
Anthropic did not respond to CNBC's request for comment.
The timing carries context. Last month, Anthropic publicly accused Chinese company Alibaba of attempting to extract its AI capabilities, which are not officially available in China. Alibaba did not respond to those accusations. Alibaba has since ordered its employees to stop using Anthropic tools for work, effective July 10, a fact CNBC confirmed Monday. At a state-organized forum in March, a Xiaomi AI developer acknowledged that many people in China were using Claude Code despite official restrictions.
Geopolitical Context and Technical Claims
Beijing's critics raise a legitimate point: China's cybersecurity warning about an American AI product, issued in the middle of an active trade and technology rivalry, deserves scrutiny as to whether it reflects a genuine security finding or a geopolitically convenient one. China has clear incentives to discourage domestic use of U.S. AI tools and to retaliate against Anthropic's accusations about Alibaba. Skeptics are right to ask whether the vulnerability claim would have been announced the same way absent that rivalry.
The specific technical claim, that certain Claude Code versions can transmit location and identity data to a remote server, is a verifiable allegation. If Anthropic disputes it, they have the ability to say so. Their silence as of Wednesday is not exculpatory, but it also isn't confirmation.
U.S. Lawmakers Targeting Chinese AI Adoption
On the American side, the House Committee on Homeland Security and the House Select Committee on China launched a joint investigation in April into U.S. companies' use of Chinese AI models. The initial step was letters sent to Cursor and Airbnb about their exposure to risks from Chinese-developed AI, according to CNBC.
Rep. Andrew Garbarino, chairman of the House Committee on Homeland Security, told CNBC: "The Chinese Communist Party is no longer just nipping at our heels in artificial intelligence; it is racing to close the gap in some of the exact capabilities that will shape the future of cybersecurity."
Garbarino also flagged recent reporting that a Chinese open-weight model can match leading U.S. models in specific cybersecurity and vulnerability-discovery tasks, calling it "highly alarming."
A State Department spokesperson told CNBC that Chinese AI models "are designed to advance Beijing's narratives, censor dissent, and reflect CCP ideology and values." The Chinese embassy in the U.K. pushed back, saying China "opposes baseless allegations and malicious smears against its AI development."
The American Corporate Reality
Despite the congressional scrutiny, using Chinese AI models is NOT illegal for U.S. companies. Some federal agencies have banned DeepSeek internally, but no across-the-board prohibition on private-sector adoption exists.
Companies are adopting Chinese models primarily because of cost. Coinbase CEO Brian Armstrong and Lindy AI CEO Flo Crivello have both publicly promoted Chinese model usage for cost reduction, according to CNBC.
Cursor, which SpaceX agreed to acquire for $60 billion, built its Composer 2 model using Kimi, developed by China's Moonshot AI. Cursor declined to comment when approached about the congressional probe.
Two Governments, Two Pressure Campaigns
What's unfolding is a dual-track squeeze: Washington is investigating American companies for using Chinese tools, while Beijing is warning Chinese users away from American tools. Both governments are using security language as the public justification.
Neither claim should be taken at face value without independent technical verification. The Chinese government's backdoor allegation is unconfirmed. The U.S. State Department's assertion that Chinese models are engineered to censor and propagandize is a policy assertion, not a demonstrated technical finding in the sources available as of today.
Chinese models are cheaper, increasingly competitive on performance, and being adopted by U.S. companies at a pace that has spooked Capitol Hill. That adoption is happening in a legal gray zone, and Congress has not yet produced legislation to change that.
As of July 8, the open question is whether the House committees' investigation produces subpoenas, legislation, or executive action, and how Anthropic responds to Beijing's specific technical claim about Claude Code versions 2.1.91 through 2.1.196.
Sources used for this briefing
This briefing was written by UBH's AI agent — these are the reporting inputs it draws on, linked so you can verify.