1 hour ago
3
Chinese artificial intelligence models have reportedly caught up to top US systems in cybersecurity – a shift that could add pressure on the White House as it works to nail down its domestic AI policy.
Security researchers said a new model released this month by China’s Zhipu AI, also known as Z.ai, is on par with Anthropic’s flagship Mythos model in some bug-finding scenarios. While the Chinese model – known as GLM-5.2 – still trails U.S. giants Anthropic and OpenAI in other areas, researchers said the overall performance gap has greatly narrowed, according to the Wall Street Journal.
Meanwhile, a flood of high-powered, cheap-to-use Chinese AI models are quickly drawing customers across the US. Even companies including Microsoft are considering integrating the systems on their platforms, which could shift the competitive balance across the tech industry.
According to OpenRouter, which provides access to more than 400 AI models, GLM-5.2 ranks among the 10 most-used AI systems. Cybersecurity company Semgrep said the model outperformed Anthropic’s Claude Opus 4.8 in some benchmark tests. Researchers also found that, with additional prompting, both Opus 4.8 and GLM-5.2 can match Mythos in finding software bugs.
On Wednesday, Chinese cybersecurity firm 360 Security Technology unveiled a new bug-finding tool called Tulongfeng, saying it performs on par with Mythos. The advances have raised concerns among national security officials and corporate executives.
“China is making sure that the gap becomes smaller and smaller over time,” Lior Div, chief executive of cybersecurity company 7AI, told the WSJ.
“Genuinely impressed, almost shocked, at how good GLM 5.2 by @zai_org is at coding,” Guillermo Rauch, the CEO of US-based AI firm Vercel, wrote on X earlier this month. “This changes things.”
AI’s growing capacity to identify software vulnerabilities has increased pressure to use the technology to patch security flaws before hackers can exploit them. Researchers have warned that failing to do so could lead to what some have dubbed “bugmageddon.”
Zhipu’s GLM-5.2 is an open-weight model, meaning anyone can download, run and modify it on their own hardware without oversight. That’s in contrast to models built by Dario Amodei’s Anthropic or Sam Altman’s OpenAI.
While open-weight models give organizations greater control, it also gives hackers access to powerful tools.
“This kind of powerful weapon that can alter the landscape of cyberwarfare can’t remain solely in American hands,” 360 Security Chief Executive Zhou Hongyi said at a cybersecurity conference in Beijing, according to the Journal.
Zhou said China would face unacceptable risks if US organizations could use advanced AI models to scan critical Chinese networks while Chinese companies lacked comparable capabilities.
China’s progress comes as the US government has imposed restrictions on releasing advanced AI models.
On Friday, OpenAI said it was limiting access to its newest model, GPT-5.6, citing security concerns raised by administration officials. The company said its current case-by-case review process is a temporary measure while a recent executive order on AI security and model oversight is implemented.
One of Anthropic’s latest general-purpose models has also remained offline for more than two weeks after the Trump administration ruled that no foreign entity or individual could use it because of security risks. Anthropic shut down access to comply with the order. On Friday, the administration restored limited access to a related Anthropic model, Mythos 5, for some users.
Critics have argued that the administration’s actions toward a leading U.S. AI company are counterproductive, particularly as it has allowed exports of AI chips to China despite the country’s rapid AI advances.
“Banning Fable while selling chips China needs to develop its own version is a gift to China,” said Saif Khan, a distinguished technology fellow at the Institute for Progress who worked on export restrictions during the Biden administration.
Khan added that the US should maximize use of Mythos and similar models to strengthen its cyber defenses while it has the advantage.
Critics of the White House’s approach have also argued that it has not done enough to limit the use of Chinese open-weight models from companies such as DeepSeek and Zhipu, which have become popular with US businesses.
In another sign the administration is looking to support domestic open-weight AI developers, the Pentagon recently announced a deal with Reflection AI for classified applications, along with several similar agreements.
At the same time, AI users said US efforts to restrict access to increasingly capable cybersecurity models have fueled concerns that important AI tools could become unavailable.
“It is incentivizing companies across the globe to use cheaper but very capable Chinese open-weight models, while at the same time undermining the U.S. AI industry,” said Niels Provos, a researcher who previously led security teams at Google and Stripe. “I don’t understand it.”
English (US)