Summary
- Zhou Hongyi, founder of 360, introduced "Tulong Feng" at ISC.AI 2026, asserting it serves as China's response to Anthropic's Mythos.
- Z.ai's GLM-5.2, released when Anthropic's models were restricted, outperformed Claude Code on a critical vulnerability detection benchmark, costing about $0.17 per finding.
- These developments emerge as Anthropic is in discussions with the Commerce Department to restore access to Mythos 5 and Fable 5.
The U.S. has imposed export restrictions on Anthropic’s AI model Claude Mythos, which is now under a government-controlled access and a vetted coalition. In response, China held a conference where it announced the availability of a similar AI model for free.
At the ISC.AI 2026 event in Beijing on June 24, Zhou Hongyi, the founder of Qihoo 360, emphasized the necessity for China to establish its own Mythos, declaring, "China's cybersecurity industry must have its own Mythos." He introduced Tulong Feng—an AI tool for identifying vulnerabilities—alongside Yitian Zhen, an automated defense system, and a new security coalition named "Panshi Zhidun," which translates to Shield of Bedrock.
Zhou's comments were deliberate, suggesting that Mythos represents "cyber nuclear weapons" in the realm of artificial intelligence—an autonomous system capable of detecting vulnerabilities, analyzing them, and constructing attack strategies independently. He stated, "U.S. organizations can use Mythos to scan your vulnerabilities, but you don't even have the right to look at Mythos," highlighting that Chinese firms are excluded from Glasswing, Anthropic's partner initiative that includes major tech corporations like Microsoft and Apple.
Zhou claimed that Tulong Feng has identified a total of 3,432 vulnerabilities, with 105 validated by Chinese regulatory authorities and several marked as high-severity by the national vulnerability database. He asserted that employing an agent-first approach—utilizing specialized models instead of relying on a single dominant system—helps mitigate any existing gaps in foundational models. "America has Mythos," he told the audience. "China also has its own 'Heaven-Sword Dragon-Saber.'"
Meanwhile, the Beijing-based company Z.ai, also known as Zhipu AI, has put forth its own version. Shortly after the U.S. government restricted Mythos 5 and Fable 5, Z.ai launched GLM-5.2, which is available under an MIT license—making it free from subscription fees, geographic limitations, and allowing for modifications by anyone.
The performance metrics for the cybersecurity models were significant. Semgrep evaluated the detection of insecure direct object references—a test assessing the model's ability to identify unauthorized access in code—where GLM-5.2 scored 39%, surpassing Claude Code in this evaluation.
In a separate analysis, Graphistry found that GLM-5.2 matched Claude Opus 4.8 in a capture-the-flag challenge, with a cost of approximately $0.17 per finding, compared to over $1 for workflows based on Claude.
Z.ai co-founder Tang Jie described Anthropic's withdrawal as "deeply regrettable." Qinkai Zheng, the company’s technical lead, was more straightforward: "We want the model accessible to everyone." Responding to Elon Musk's comment that China wouldn't achieve Fable-level capabilities until Q1 2027, Tang insisted: "Won't take that long."
won’t take that long
— jietang (@jietang) June 18, 2026