China's Z.ai says its latest model matches Mythos in cybersecurity
What's the story
China's Zhipu AI (Z.ai) has launched its open-weight GLM-5.2 model, which some researchers say matches Anthropic's Mythos in certain bug-finding and cybersecurity scenarios. The development is a major leap for China, as it narrows the gap between its models and those of the US. However, this progress has raised concerns within the US government, which has been trying to limit China's access to advanced models like Mythos and Fable.
Security risks
GLM's open-weight nature raises concerns over potential misuse
The open-weight nature of the GLM model allows anyone to download and run it on readily available hardware. While this provides flexibility and deep access for power users, it also makes the model susceptible to misuse by malicious actors with little oversight. The US government has been particularly concerned about such advancements, especially after OpenAI's recent launch of GPT-5.6, which has also raised fears of potential misuse due to limited access restrictions.
Model capabilities
GLM-5.2 outperforms Claude Opus 4.8 in some tasks
The GLM-5.2 model, a 753 billion-parameter system with a 1 million-token context window, has been among the top 10 most-used AI models globally, according to OpenRouter. Cybersecurity firm Semgrep found that it even outperformed Claude Opus 4.8 in some tasks. The model also offers adjustable reasoning levels for faster or more detailed responses depending on task complexity, making it highly versatile for long coding sessions and large codebases without losing context.
Model comparison
GLM-5.2 scores on SWE-bench Pro benchmark
On the SWE-bench Pro benchmark measuring coding abilities, GLM-5.2 scored 62.1, ahead of GPT-5.5 (58.6) but behind Anthropic's Claude Opus 4.8 at 69.2. The model's open-weight nature allows anyone to download and run it on their hardware, even modify it for unsupervised use. While this flexibility is beneficial for developers, it also poses a risk as hackers could exploit the model to discover software vulnerabilities without any oversight or control mechanisms in place.
Tech developments
Another Chinese firm launched a similar tool recently
Along with Zhipu AI, another Chinese cybersecurity firm, 360 Security Technology, recently launched a fuzzing tool called Tulongfeng. The company claims it has similar bug-finding capabilities as Mythos. "This kind of powerful weapon that can alter the landscape of cyberwarfare can't remain solely in American hands," said 360 Security Chief Executive Zhou Hongyi.