China's Z.ai released an open-weight model that matches US frontier AI in cybersecurity bug-finding, bypassing government controls.

China's Z.ai released GLM-5.2, an open-weight model that matches Anthropic's Mythos in cybersecurity bug-finding, bypassing the US government controls applied to American frontier AI.
"The gap between US and Chinese AI models has narrowed significantly," said Lior Div, CEO of cybersecurity firm 7AI. "China is making sure the gap becomes smaller and smaller over time."
GLM-5.2 packs 744 billion parameters in a mixture-of-experts architecture with a 1-million-token context window — enough to ingest an entire code repository. On agentic coding benchmarks, it beats OpenAI's GPT-5.5 outright and lands within a few points of Anthropic's Claude Opus 4.8, at roughly one-sixth the API cost. Semgrep found GLM-5.2 beat Claude on an IDOR-detection task at about 17 cents per bug found.
The release upends the assumption that the most capable cyber-AI would stay behind gated APIs. Anthropic's Mythos 5, restored June 26 to roughly 100 vetted US organizations after a two-week ban, and OpenAI's GPT-5.6, limited to about 20 government-approved companies, both operate under strict vendor oversight. GLM-5.2, released under an MIT license, carries no such constraints.
Open Weights Remove the Vendor
The contrast in governance models could not be starker. Anthropic's Mythos 5 sits behind export controls and a vetted-partner list after the Trump administration invoked export-control authority June 12 to bar foreign-national access. The action followed Amazon CEO Andy Jassy's warning that researchers had used prompts from the consumer-grade Fable 5 to extract information useful for cyberattacks.
GLM-5.2 inverts that arrangement. The weights are downloadable, the runs are local, and the cloud logs defenders rely on to catch abuse are never generated. Within days, hackers were trading jailbreaks on Russian-language forums, with one researcher describing the model chaining exploits "the way an elite human attack would," Axios reported.
China's 360 Security Technology added to the pressure on June 24, releasing a bug-finding tool called Tulongfeng that it said is comparable to Mythos. CEO Zhou Hongyi said at a Beijing conference that China would face unacceptable risks if American entities could use advanced AI to scan Chinese networks while denying Chinese companies comparable capabilities.
Defenders Face a Compressed Timeline
Anthropic CEO Dario Amodei warned in May that Mythos had already surfaced tens of thousands of software vulnerabilities and that defenders had perhaps six to twelve months to patch them before comparable capability spread more widely. GLM-5.2 is what that spread looks like. A competent operator can wire it into existing scanners and CI pipelines to accelerate both defense and offense.
The Pentagon has taken notice, recently announcing a deal with Reflection AI, one of the few domestic open-weight developers, for use in classified settings. Microsoft and other companies are weighing how to offer Chinese models on their platforms, a development that could accelerate adoption of open-weight alternatives.
For investors, the implications cut both ways. US AI leaders face a competitive landscape where their most powerful cybersecurity tools are constrained by government oversight while a Chinese alternative with comparable capability operates freely. Companies that build AI-driven security tools — CrowdStrike, Palo Alto Networks, SentinelOne — may see increased demand as organizations race to deploy defensive AI before adversaries weaponize open-weight models. The narrowing capability gap also pressures the White House to reconsider chip export restrictions, which critics say have been undermined by distillation techniques.
This article is for informational purposes only and does not constitute investment advice.