Editorial analysis: Parity between specialized vulnerability-finding models raises immediate operational and governance questions for security teams, vendors, and policymakers because the same class of models can accelerate both automated patching and automated exploit development. Defenders must assume more capable, locally runnable models will be available to a wider set of actors, and procurement choices will increasingly weigh provenance, control, and observability.
What happened (reported facts)
Security researchers told the Wall Street Journal that Zhipu AI's GLM-5.2 can match Anthropic's Mythos in some software bug-finding scenarios, according to public coverage cited by multiple outlets. The New York Post reports that cybersecurity vendor Semgrep found GLM-5.2 outperformed Anthropic's Claude Opus 4.8 on some benchmark tests. The New York Post also cites OpenRouter as ranking GLM-5.2 among the 10 most-used AI systems. Reporting in NDTV and the New York Post states that Chinese cybersecurity firm 360 Security Technology unveiled an automated vulnerability-finding tool named Tulongfeng and described its performance as on par with Mythos.
Security reporting quoted Lior Div, chief executive of cybersecurity company 7AI: "China is making sure that the gap becomes smaller and smaller over time," as reported by the Wall Street Journal. NDTV's coverage adds that GLM-5.2 is distributed as an open-weight model that users can download and modify without centralized supervision.
Technical and risk context (industry observations)
Models specialized for vulnerability discovery are dual-use by design: the same techniques that surface potential bugs for triage (pattern matching across code, semantic analysis, automated fuzzing prompts) can be repurposed to generate proof-of-concept exploits or to prioritize attack paths. Industry-pattern observation: when high-capability models become openly available, adversaries with modest resources can iterate faster, compressing the time between vulnerability discovery and exploitation.
Open-weight distribution materially changes the threat model. NDTV's reporting that GLM-5.2 is open-weight implies organizations cannot rely on cloud-provider telemetry to see how the model is used, because a locally run copy generates none; controls therefore shift to the artifact itself, with code-level control and supply-chain attestation of the weights and bundled code gaining importance. Editorial analysis: observers familiar with past open-source model waves note that hosting cost savings and flexibility often drive enterprise interest in non-U.S. models, but they also increase the surface for uncontrolled modifications and offline experimentation.
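One concrete form of the artifact-level control mentioned above is pinning an open-weight model's files to a signed manifest and refusing to load anything that deviates from it. The following is an added example, not code from the original page or from any of the vendors named in it; the manifest format, the HMAC signing key, the file names and the file contents are all constructed for the demonstration (a real deployment would use a key held by the reviewing team, or a public-key signature, and the hashes published by the model's distributor).

```python
"""Pin-and-verify check for open-weight model artifacts (added example).

The manifest maps each expected file to its SHA-256 digest and is itself
authenticated with an HMAC so that a tampered manifest is rejected before
any file hash is compared. Everything below is constructed sample data.
"""
import hashlib
import hmac
import json
import os
import tempfile


def sha256_file(path, chunk=1 << 20):
    """Stream a file through SHA-256; weight shards can be many GB."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def sign_manifest(manifest, key):
    """HMAC-SHA256 over a canonical JSON encoding of the manifest."""
    body = json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def verify_artifacts(root, manifest, signature, key):
    """Return a list of problems; an empty list means the tree is trusted."""
    if not hmac.compare_digest(sign_manifest(manifest, key), signature):
        return ["manifest signature mismatch"]
    problems = []
    for rel, expected in manifest["files"].items():
        path = os.path.join(root, rel)
        if not os.path.isfile(path):
            problems.append(f"missing: {rel}")
            continue
        if not hmac.compare_digest(sha256_file(path), expected):
            problems.append(f"hash mismatch: {rel}")
    # Anything present but not pinned is also a finding: open-weight
    # repositories commonly ship loader code alongside the weights, and an
    # unexpected .py file is exactly what a modified bundle would add.
    for dirpath, _, names in os.walk(root):
        for name in names:
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            if rel not in manifest["files"]:
                problems.append(f"unpinned file: {rel}")
    return problems


def demo():
    """Build a clean tree, verify it, then tamper with it and verify again."""
    key = b"constructed-demo-signing-key"  # assumption: not a real key
    with tempfile.TemporaryDirectory() as root:
        files = {  # constructed stand-ins for a config and one weight shard
            "config.json": b'{"architecture": "demo"}',
            "model-00001.safetensors": b"\x00" * 64,
        }
        for name, data in files.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        manifest = {
            "model": "example-open-weight-model",
            "files": {n: sha256_file(os.path.join(root, n)) for n in files},
        }
        sig = sign_manifest(manifest, key)
        clean = verify_artifacts(root, manifest, sig, key)

        # Tamper: append a byte to the shard and drop in an unpinned script.
        with open(os.path.join(root, "model-00001.safetensors"), "ab") as f:
            f.write(b"\x01")
        with open(os.path.join(root, "custom_code.py"), "wb") as f:
            f.write(b"print('not in the manifest')\n")
        tampered = verify_artifacts(root, manifest, sig, key)

        # A manifest signed with the wrong key is rejected outright.
        forged = verify_artifacts(root, manifest, sig, b"some-other-key")
    return clean, tampered, forged


if __name__ == "__main__":
    for label, result in zip(("clean", "tampered", "forged"), demo()):
        print(label, result)
```

The unpinned-file check is deliberate: a model bundle that verifies its weights but silently accepts extra loader code has not been attested at all, since that code runs with the same privileges as the inference process.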
Policy and market dynamics (reported and observed)
Multiple outlets place this development in the context of U.S. policy action. NDTV notes the United States recently ordered Anthropic to stop exporting a less capable variant over national security concerns, and reporting links the narrowing performance gap to renewed scrutiny of export controls and investment oversight. Industry context: policymakers and vendors will likely monitor benchmark parity and distribution models when calibrating controls, but specific policy steps will depend on classified risk assessments and interagency decisions.
What to watch
Indicators worth tracking include third-party benchmark releases that reproduce or dispute the Semgrep and OpenRouter findings; enterprise adoption signals such as major cloud providers or platform vendors hosting or blocking GLM-5.2; additional product announcements from Chinese cybersecurity firms like 360 Security Technology; and formal statements from national security agencies or export-control authorities. For practitioners, open-weight model availability is the practical trigger: watch for local-run experiment reports, reproducible exploit generation, and developer-community tooling that lowers the barrier to offensive use.
Reporting sources: coverage in the Wall Street Journal (as cited by syndicated outlets), the New York Post, NDTV, and summarizing commentary from industry outlets provided the factual basis for this analysis. Editorial analysis sections above are LDS interpretation and industry-pattern observations, not claims about internal intentions of the companies named.
Key Points
- Industry patterns: parity in vulnerability-finding models compresses time from discovery to exploitation, raising operational urgency for defenders.
- Distribution matters: open-weight models increase offline attacker capabilities because monitoring and provider controls are less effective.
- Policy signal: comparable capabilities across jurisdictions typically trigger tighter export controls and procurement scrutiny from governments and enterprises.
Scoring Rationale
This is notable for security and AI practitioners because it reports parity in a dual-use capability (vulnerability detection) across major models and highlights open-weight distribution, which changes operational risk. The story is time-sensitive and tied to policy debate, so it scores above a routine report but below industry-shaking paradigm shifts.
