Open-weight Chinese AI now rivals Anthropic's strongest system at finding software vulnerabilities, the Wall Street Journal reports, sharpening questions about whether US export and access policy is helping Beijing more than it hurts it.
Chinese artificial-intelligence systems have matched Anthropic's powerful Mythos model in some cybersecurity scenarios, according to the Wall Street Journal. The match is narrow but pointed: it centers on finding software bugs, the dual-use skill at the heart of both cyber defense and offense.
The systems named in the report are Zhipu AI's open-weight model GLM-5.2, also known as Z.ai, and a new bug-finding tool called Tulongfeng from the Chinese cybersecurity firm 360 Security Technology. Researchers told the Journal that GLM-5.2 can match the latest US models at finding security bugs, though it still lags Anthropic's and OpenAI's products on other tasks.
According to data from OpenRouter, a platform offering access to more than 400 models, GLM-5.2 has become one of the 10 most-used AI models. The cybersecurity company Semgrep found that in some tests, GLM-5.2 outperformed Anthropic's Claude Opus 4.8, which was released in May. Researchers added that, when given further instructions, both Opus 4.8 and GLM-5.2 can match Mythos in bug-finding. The Tulongfeng claim is 360's own: the company said its tool is comparable to Mythos at finding bugs.
The political framing came from 360 Security chief executive Zhou Hongyi, a member of China's top political advisory body, who said at a Beijing cybersecurity conference that this kind of cyberwarfare capability cannot remain, in his words, "solely in American hands."
All access closed
The capability story is inseparable from a US policy story. One of Anthropic's latest general-use models, Fable, has been shut down for more than two weeks after the Trump administration barred any foreign entity or individual from using it on security grounds, the Journal reports. Anthropic closed all access to comply. On Friday, the administration restored some access to a related model, Mythos 5, which had previously been restricted.
Critics see a contradiction. Saif Khan, a technology fellow at the Institute for Progress who worked on export restrictions under the Biden administration, said restricting Fable while still selling China the chips it needs to build its own equivalent amounts to "a gift to China." The broader concern is that clamping down on leading US models pushes companies worldwide toward cheaper, capable Chinese open-weight systems, which by design can be downloaded, modified, and run without oversight, including by attackers.
Get the ICD Newsletter
Subscribe for source-forward cyber news, OSINT notes, breach updates, and analysis. Have evidence or a lead? Send it to ICD.
