China's Z.ai claims GLM 5.2 matches Mythos on cyber as US holds back frontier models

Chinese AI lab Z.ai (Zhipu) is claiming its GLM 5.2 model matches Anthropic's Mythos on cybersecurity tasks, and security firm 360 unveiled vulnerability-discovery tools pitched as rivals to Mythos. The timing is the story: these claims surfaced exactly as the US government was gating OpenAI's Sol and Anthropic's Mythos, raising the uncomfortable possibility that export-style controls on US frontier models slow defenders without denying capable tools to adversaries.

The technical claims remain unverified — 'matches Mythos on cyber benchmarks' is a marketing assertion until independently tested — but they gained credibility from a widely shared Semgrep blog post, 'GLM 5.2 beats Claude in our cyber benchmarks,' which hit 523 points on Hacker News and fueled discussion that Chinese open models are closing the gap with frontier labs. GLM 5.2's open weights make the parity argument harder to dismiss than a closed-model claim.

The competitive backdrop is fierce. DeepSeek, now valued at over $50 billion after a $7.4 billion first funding round, plans to double its workforce, and DeepSeek's DSpark efficiency work shows Chinese labs advancing on cost as well as capability. Together these undercut the premise that holding US models back preserves an edge.

Reaction on r/singularity was charged, including a 'supervillain China' thread (295 upvotes, 408 comments) capturing US officials' fear of falling behind 'even a little.' Security researchers like Alex Stamos argued the restricted models show no risks beyond other public systems, sharpening skepticism about the cybersecurity rationale. Watch whether independent benchmarks substantiate GLM 5.2's cyber claims and whether US policymakers revisit the gating logic as open Chinese models proliferate.