China’s Zhipu AI (Z.ai) has claimed to have developed a new AI model on par with Anthropic’s Mythos on cybersecurity capabilities.
According to a report by The Wall Street Journal, Zhipu’s recently launched GLM-5.2 model can match the performance of American AI models in terms of finding security bugs but still lags behind Anthropic and OpenAI’s products in other tasks.
The news around the new capabilities of GLM-5.2 comes at a time when the US government has grown more protective over giving access to American AI models to the world. Recently, the Trump administration asked Anthropic to shut down access to its Fable 5 and Mythos 5 models to people outside the US. Similarly, OpenAI was recently asked to stagger the release of the GPT-5.6 model.
GLM-5.2 matches Mythos
As per data from OpenRouter, GLM-5.2 has ranked among the top 10 most-used AI models globally. Meanwhile, cybersecurity company Semgrep found that the Chinese AI model even outperformed Claude Opus 4.8 in certain tasks. Meanwhile, the researchers also found that with additional prompting, GLM-5.2 and Claude Opus 4.8 could match Mythos’ bug-finding abilities.
GLM-5.2 is a 753 billion-parameter model with a 1 million-token context window, which means that the model can be used to handle long coding sessions and large codebases without losing context.
The model also comes with adjustable reasoning levels, meaning users can choose between getting faster responses or more detailed responses based on the complexity of the task at hand.
On the SWE-bench Pro benchmark that measures the coding abilities of models, GLM-5.2 scored 62.1, which was ahead of GPT-5.5 (58.6) but behind Anthropic’s Claude Opus 4.8 at 69.2.
Notably, GLM-5.2 is an open-weight model, which means that unlike Anthropic or OpenAI‘s models, it can be downloaded by anyone and can be run on their hardware while also being modified to run without supervision.
While the open-weight nature of the model gives more flexibility to developers, it also means that the model could be used by hackers to identify software vulnerabilities without any oversight.
Earlier this week, another Chinese cybersecurity company, 360 Security Technology, also released a new fuzzing tool called Tulongfeng, which it claimed had similar bug-finding abilities as Mythos.
“This kind of powerful weapon that can alter the landscape of cyberwarfare can’t remain solely in American hands,” 360 Security Chief Executive Zhou Hongyi was quoted as saying by WSJ.
Notably, Anthropic had unveiled Mythos earlier this year but refused to release the model to the public because of fears of the AI model being misused. The company did release it to some of its partners under Project Glasswing, where it revealed that Mythos was able to find a 27-year-old vulnerability in OpenBSD while helping Mozilla find 271 security vulnerabilities in an early version of Firefox.
The WSJ report notes that with the capability gap between US and Chinese AI models narrowing, businesses are now looking to rein in costs. Reportedly, a number of companies, including Microsoft, are now looking at options to offer Chinese models on their platforms, which could alter the balance of power among tech companies.
Leave a Reply