China’s own Mythos: Qihoo 360 founder says China has its own ‘Mythos’
At ISC.AI 2026 in Beijing on June 24, Qihoo 360 founder Zhou Hongyi declared China’s own Mythos cybersecurity system. He also unveiled Tulong Feng alongside Yitian Zhen and Panshi Zhidun at the event. Tulong Feng has found a cumulative 3,432 vulnerabilities to date, with 105 confirmed by Chinese regulatory bodies and several flagged as high-severity by the national vulnerability database.
At ISC.AI 2026 in Beijing on June 24, Qihoo 360 founder Zhou Hongyi unveiled Tulong Feng, Yitian Zhen and Panshi Zhidun. Tulong Feng has found a cumulative 3,432 vulnerabilities, with 105 confirmed by Chinese regulatory bodies and several flagged as high-severity by the national vulnerability database. Zhou introduced the tools during his presentation at the event.
Zhou framed Mythos as an autonomous cybersecurity capability, saying Mythos amounts to ‘cyber nuclear weapons’ in the AI age—an autonomous system that can find vulnerabilities, analyze them, and build attack chains without human direction. He added, China’s cybersecurity industry must have its own Mythos. He also said, U.S. organizations can use Mythos to scan your vulnerabilities, but you don’t even have the right to look at Mythos. He made these statements while unveiling the three tools.
He told the audience, America has Mythos, and said, China also has its own ‘Heaven-Sword Dragon-Saber.’ The remarks accompanied his unveiling of Tulong Feng, Yitian Zhen and Panshi Zhidun at ISC.AI 2026 in Beijing on June 24.
Z.ai / Zhipu AI released GLM-5.2 under an MIT license. The model runs under an MIT license with no subscription gates, no geographic restrictions, and is freely modifiable by anyone. GLM-5.2 is presented as an open-distribution model that users can modify without licensing constraints. The release notes emphasize the model’s permissive licensing and operational freedoms.
Independent evaluations reported measurable performance and cost advantages for GLM-5.2 in security testing. Semgrep’s evaluation of insecure direct object reference detection scored GLM-5.2 at 39%, ahead of Claude Code in the same test. Graphistry’s evaluation found GLM-5.2 matched Claude Opus 4.8 on a capture-the-flag challenge. Reported cost efficiency for GLM-5.2 is around $0.17 per finding, compared with over $1 per finding for Claude-based workflows.
The U.S. government pulled Mythos 5 and Fable 5 offline for foreign nationals. Z.ai co-founder Tang Jie called Anthropic’s withdrawal deeply regrettable. Qinkai Zheng said, We want the model accessible to everyone. These remarks were reported in relation to the restrictions on access for foreign nationals.
Elon Musk predicted China would not match Fable-level capability until Q1 2027. Tang Jie responded, Won’t take that long. Both statements were reported in coverage of competitive responses to the access restrictions.
The public comments documented expressions of regret and competing statements about capability timelines. They were presented alongside reports of the U.S. access restrictions.
China’s own Mythos cybersecurity efforts and Z.ai’s GLM-5.2 model have emerged as notable developments in a domestic technology push against U.S. AI cybersecurity systems and access restrictions. Qihoo 360’s unveilings at ISC.AI and Z.ai’s open-licensed GLM-5.2 were reported as elements of that competitive landscape. Public comments and access limits were included in reporting on relative capabilities and availability.


