China Has Matched Anthropic in Cybersecurity, Resetting AI Race

I suppose you're going to whine that's it unpatriotic for me to use China's DeepSeek model to write the entirety of the Report?

China Has Matched Anthropic in Cybersecurity, Resetting AI Race

Clampdown on top U.S. artificial intelligence is fueling concern that Washington is handing Beijing a cyberwarfare advantage

By Robert McMillan, Raffaele Huang and Amrith Ramkumar, WSJ

June 27, 2026

Chinese AI systems can match U.S. models in cybersecurity bug-finding scenarios, pressuring the White House on AI policy.

View more

Chinese artificial-intelligence systems have matched the performance of Anthropic’s powerful model Mythos in some cybersecurity scenarios, a development poised to reset the global tech race and pressure the White House in its overhaul of U.S. AI policy.

Security researchers said that a new AI model, released this month by China’s Zhipu AI, also known as Z.ai, can match the latest U.S. models when it comes to finding security bugs, although it still lags behind Anthropic’s and OpenAI’s products in other tasks.

Overall, the capability gap between top U.S. models and those built by Chinese companies has narrowed significantly, and use of Chinese AI systems has surged as businesses seek to rein in runaway costs. A host of companies, including Microsoft, are weighing how they can offer Chinese models on their platforms, a development that is set to alter the balance of power among tech companies.

“China is making sure that the gap becomes smaller and smaller over time,” said Lior Div, chief executive officer of the cybersecurity company 7AI.

The ability of AI systems to find bugs in software has added urgency to efforts to use models to close quickly vulnerabilities that could be exploited by hackers. Otherwise, the world will face what some researchers have called a bugmageddon.

Unlike models from Anthropic or OpenAI, Zhipu’s GLM-5.2 is open-weight. That means it can be downloaded and run on hardware operated by anybody and can be modified and used without supervision. Open-weight models are ideal for users who want unfettered access to systems they control, but they are also ideal for hackers, who can run them in the shadows.

GLM-5.2 has ranked as one of the 10 most-used AI models, according to data from OpenRouter, a company that provides access to more than 400 AI models. In some benchmarking tests, according to the cybersecurity company Semgrep, GLM-5.2 bested Anthropic’s Claude Opus 4.8 model, which was released in May. When given further instructions, Opus 4.8 and GLM-5.2 can match Mythos in bug-finding ability, according to researchers.

On Wednesday, the Chinese cybersecurity company 360 Security Technology released a new bug-finding tool called Tulongfeng. The company said it was comparable to Mythos in finding bugs. Those capabilities have alarmed many national-security officials and CEOs.

“This kind of powerful weapon that can alter the landscape of cyberwarfare can’t remain solely in American hands,” 360 Security Chief Executive Zhou Hongyi said at a cybersecurity conference in Beijing. Zhou, an outspoken internet veteran and member of China’s top political advisory body, said China would face unacceptable risks if American entities could use advanced AI models to scan critical Chinese network systems while denying Chinese companies comparable capabilities.

CEO of 360 Security Technology Zhou Hongyi speaks to reporters

Zhou Hongyi, chief executive of 360 Security Wu Hao/EPA/Shutterstock

China’s advances coincide with unprecedented U.S. government roadblocks to developers releasing models. On Friday, OpenAI said it was limiting access to its latest model, known as GPT-5.6, because of security concerns among administration officials. The company warned that the current case-by-case model-evaluation process wasn’t a long-term solution but said it is being used while a recent executive order focused on security and model oversight is implemented.

One of Anthropic’s latest general-use models has been shut down for more than two weeks after the Trump administration said no foreign entity or individual could use it because of security risks. The company closed all access to comply with the rule. The administration on Friday restored some access to a related Anthropic model called Mythos 5, which had previously been restricted.

Many have called the administration’s attack on a leading U.S. AI company counterproductive and criticized its decision to allow exports of AI chips to China in light of the nation’s recent advances.

“Banning Fable while selling chips China needs to develop its own version is a gift to China,” said Saif Khan, a distinguished technology fellow at the Institute for Progress think tank who worked on export restrictions in the Biden administration. The U.S. needs to maximize the use of Mythos and comparable models to harden its cyber defenses while it can, he added.

Among the Mythos 5 and Fable 5 users that had lost access before Friday’s decision to restore Mythos 5 access for some trusted entities: the National Security Agency, which had been testing the tools and found them impressive in trials, according to people familiar with the matter.

Critics of the White House approach have said it has been lax in restricting use of Chinese open-weight models from companies such as DeepSeek and Zhipu, which are popular among U.S. businesses.

Some companies have evaded existing chip-export restrictions, while others have used distillation—in which a new system learns from an existing one by asking it hundreds of thousands of questions and analyzing the answers—to benefit from U.S. advances.

“Our administration is very much focused on Chinese open-source models,” said Jacob Helberg, who is undersecretary of state for economic affairs and a former tech adviser and investor. “It’s something that we’re tracking very closely.” He spoke in a recent interview at a summit for a coalition of countries working to secure supply chains and counter China’s influence in AI.

In one sign the administration wants to boost U.S. open-weight companies, the Pentagon recently announced a deal with one of the few domestic open-weight developers, Reflection AI, for use in classified settings along with a host of similar agreements.

At the same time, AI users said that U.S. efforts to rein in the worrisome capabilities of recent cybersecurity-focused models have added to concerns that access to needed systems could eventually be cut off.

“It is incentivizing companies across the globe to use cheaper but very capable Chinese open-weight models, while at the same time undermining the U.S. AI industry,” said Niels Provos, a researcher who led security teams at Google and Stripe. “I don’t understand it.”