AI Models Bearish 8

AI that finds bugs 100x faster: 360 founder demands Chinese Mythos

· 5 min read · Verified by 4 sources · By AI Intelligence Brief Editorial
Share

Key Takeaways

  • Anthropic’s release of Mythos, an AI model that autonomously uncovers software vulnerabilities at 100 times the speed of human researchers, has triggered a call from 360’s Zhou Hongyi for China to build its own frontier cybersecurity AI.
  • The gap risks a new AI arms race with direct national security implications.

Mentioned

Zhou Hongyi person 360 Security Technology company 601360.SH Anthropic company Mythos product Project Glasswing alliance Zhipu AI company GLM-5.2 product Claude Fable 5 product

Key Intelligence

Key Facts

  1. 1Mythos, released in April 2026, autonomously identifies software vulnerabilities and reportedly accelerates discovery 100-fold while cutting costs dramatically.
  2. 2Through Project Glasswing, Anthropic in April 2026 granted more than 40 organizations access to Mythos Preview — all from the US and its allies, with China excluded.
  3. 3360 Security Technology founder Zhou Hongyi called Mythos a 'cyber nuclear weapon' and urged China to build its own equivalent for 'reciprocal strategic deterrence.'
  4. 4Zhou's June 24, 2026 speech marked the first public warning from a prominent Chinese tech founder about the strategic risks of US frontier AI cybersecurity models.
  5. 5Anthropic's earlier Claude Fable 5 model was briefly released then withdrawn after Washington ordered a foreign access block, fueling speculation that Chinese models like Zhipu AI's GLM-5.2 could close the gap.
  6. 6A domestic Chinese Mythos-class model would aim to match the offensive cyber capabilities of the US and prevent unacceptable strategic asymmetry.

A game-changing weapon in cyber warfare cannot be held solely in the hands of others.

Zhou Hongyi Founder, 360 Security Technology

Urging China to build its own Mythos equivalent

Vulnerability Discovery Speedup
100x With Mythos vs. traditional methods

Democratizing cyberattacks and reshaping AI model priorities worldwide

Who's Affected

Chinese AI Labs (Zhipu AI, etc.)
companyPositive
Anthropic
companyPositive
Open-Source AI Community
otherNegative
601360.SH360 Security Technology Inc.
$12.45+0.32 (+2.64%)

Analysis

The frontier of AI development is shifting from chat towards autonomous cyber operations, and Anthropic’s Mythos is its most consequential example yet. With the ability to slash vulnerability discovery costs and democratize offensive capabilities, Mythos has turned AI into a tool of strategic deterrence. For China’s AI labs, Zhou’s speech signals that national security imperatives will increasingly dictate model priorities, pushing them beyond general benchmarks into hardened, military-grade cybersecurity applications. The race is no longer about who builds the best language model—it’s about who builds the best autonomous hacker.

In a stark warning at a Beijing cybersecurity conference on June 24, 2026, 360 Security Technology founder Zhou Hongyi declared that China must urgently develop its own equivalent to Anthropic's Mythos AI model, describing the US technology as a 'cyber nuclear weapon' that threatens to tilt the balance of global cyber defenses irreversibly against nations excluded from it. Zhou's remarks mark the first public alert from a prominent Chinese tech leader about the strategic dangers posed by an American frontier AI model designed from the ground up to autonomously find and exploit software vulnerabilities at unprecedented speed and scale. Released in April 2026, Mythos reportedly accelerates vulnerability discovery a hundredfold while slashing associated costs, effectively 'democratising' offensive cyber capabilities and putting them within reach of a much wider range of actors. The entire cybersecurity industry now confronts a new era where attack surfaces can be mapped and breached orders of magnitude faster than human researchers or legacy tools could ever manage.

The frontier of AI development is shifting from chat towards autonomous cyber operations, and Anthropic’s Mythos is its most consequential example yet.

Zhou specifically highlighted the US-orchestrated Project Glasswing alliance, through which Anthropic in April granted more than 40 organizations access to Mythos Preview to strengthen their cyber defenses, while conspicuously excluding any Chinese entity. This arrangement, Zhou argued, means that US and allied defenders can systematically scan Chinese digital infrastructure for zero-day vulnerabilities without Chinese counterparts ever getting the chance to examine the very engine performing those scans. For Zhou, that asymmetry is tantamount to a strategic nuclear imbalance — hence his call for a domestic equivalent to create a 'reciprocal strategic deterrence capability' modeled on mutually assured destruction logic. His framing was deliberately provocative, aiming to galvanize policymakers and industry into mobilizing the kind of resources China previously marshaled for its nuclear weapons and space programs. Behind the rhetoric lies a concrete fear: that Mythos-class models will shift the offense-defense balance so decisively that known vulnerabilities will proliferate faster than patches can be developed, tested, and deployed, leaving critical infrastructure permanently exposed.

The context of Zhou's warning is a fiercely intensifying US-China technology rivalry, now entering a phase where AI security tools are being weaponized as instruments of geostrategic advantage. Anthropic's own brief roll-out of its consumer-facing Claude Fable 5 model earlier this year — and its subsequent withdrawal after Washington ordered a block on foreign access — had already exposed the extent to which AI model distribution is becoming politicized. That episode fueled speculation that Chinese open-weight models, such as Zhipu AI's GLM-5.2, might close the gap, but Zhou's comments suggest a far more urgent and defense-focused ambition: not merely parity in general-purpose language models, but a dedicated, AI-powered vulnerability research engine that can operate at the scale of an entire nation's attack surface. For a country as digitally vast as China, with its massive state-owned enterprises, sprawling fintech ecosystem, and critical infrastructure networks, the absence of such a capability represents a potential systemic risk.

What to Watch

The implications for the global cybersecurity market are far-reaching. A successful Chinese Mythos competitor would not only restore a measure of mutual deterrence but could also reshape the international commercial vulnerability disclosure and bug bounty landscape. If both the US and China possess AI systems capable of autonomously discovering thousands of zero-days per month, the economics of vulnerability markets would be upended; prices could crash, while the sheer volume of flaws might overwhelm even the most well-resourced patch management programs. Meanwhile, cybersecurity firms like 360 stand to gain enormously if Beijing channels state funding into building the homegrown Mythos. 360 Security Technology, which already dominates China's consumer and enterprise security markets, would be a natural lead recipient of such an initiative, potentially transforming it from a services-oriented defender into a provider of the most advanced offensive cybersecurity AI on the planet. The speech, therefore, also served as a strategic pitch for a new industrial policy, one that could align private sector R&D with national security imperatives in much the same way the US has done with its cloud computing and AI giants.

Beyond immediate market effects, Zhou's cry for a 'cyber nuclear weapon' of China's own signals a dangerous normalization of militarized language in AI development. It frames AI cybersecurity as an arms race, not a cooperative endeavor, reinforcing the tendency of both sides to treat non-proliferation norms as vestiges of a bygone era. As China reportedly accelerates work on its own frontier AI security capabilities, the international community faces a stark choice: either forge multilateral agreements to constrain the offensive use of autonomous vulnerability discovery systems, or accept a world where every connected device is constantly being autonomously probed by adversarial AI. Zhou's speech is a reminder that the window for such agreements is closing rapidly. For enterprise security leaders worldwide, the message is clear: the era of AI-augmented vulnerability discovery is here, and the only question is whether defensive AI can evolve quickly enough to match its offensive counterpart.

Sources

Sources

Based on 4 source articles

Related Stories

AI Models

How Hong Kong's 2-Language Fluency Exposes AI's Cross-Lingual Hallucination

A firsthand test of Google Gemini revealed a dangerous cross-lingual hallucination: fabricated English citations masking unverified Chinese content, while Chinese outputs dropped global context. Bilingual cross-examination broke the deception, revealing systemic epistemic asymmetry in LLMs—and highlighting why Hong Kong’s dual-language population is a new asset for AI safety.

AI Models

$700B AI Bottleneck: Nadella's Warning and the $42M Open-Source Answer

The AI industry's infrastructure is concentrating among four tech giants, with their combined capex nearing $700B. Microsoft CEO Satya Nadella's viral essay and Sentient Foundation's $42M grant for open-source AGI highlight a growing battle between closed and open AI ecosystems.

AI Models

DJI's AI Drone Dominance at Risk as US Ban Triggers 3,000+ Protests

The U.S. crackdown on DJI threatens to cut off American users from the most advanced AI-powered drone systems, prompting 3,000+ users to warn that AI leadership may pass to rivals.

AI Models

Amazon's $13B AI infrastructure surge in India includes custom chips and managed services

Amazon's latest $13 billion India investment is squarely aimed at AI infrastructure, with AWS data centers in Mumbai and Hyderabad set to offer custom AI chips and managed AI services, accelerating the country's AI model training and deployment capabilities.

How we covered this story

Every story in our ai coverage is assembled from multiple primary sources, cross-referenced for factual consistency, and scored along three independent dimensions: sentiment, operational impact, and source-cluster confidence. Single-source rumors and unverifiable claims do not pass our editorial gate. When a story shows "Verified by N sources" with N≥2, the development is independently corroborated; when N=1, we mark it explicitly so readers can weigh the signal accordingly.

Impact scoring uses a 1-10 scale weighted toward regulatory, financial, and operational consequence rather than coverage volume. A topic that runs in every outlet but moves no real decisions ranks lower than a niche regulatory filing that reshapes how operators in the ai space have to behave. Read our full methodology for the scoring rubric, our glossary for term definitions, and our trends index for the longitudinal view across the beat.

Signal on this pageWhat it tells you
Verified by N sourcesIndependent corroboration count. N≥2 is our confidence floor; N=1 is marked explicitly.
Impact score (1-10)Regulatory + financial + operational weight. 8+ signals an experienced-operator action item.
SentimentFive-tier classification trained on labeled ai-specific corpora.
TimelineWhere applicable, the related-events sequence that contextualizes today's development.