Detailed Analysis
Chinese cybersecurity firm 360 Digital Security Group has made sweeping claims about an internally developed AI system capable of autonomous vulnerability discovery at a scale that invites direct comparison to Anthropic's Claude Mythos model. The firm asserts its Multi-Agent Collaborative Vulnerability Discovery System identified approximately 1,000 vulnerabilities, with the system reportedly responsible for roughly half of the discoveries 360 contributed to the Tianfu Cup, a prominent Chinese hacking competition. Among the most striking individual claims is that the system identified CVE-2026-32190, a critical Microsoft Office vulnerability, within minutes — a flaw that, according to 360, had gone undetected for approximately eight years. The breadth of targets reported — spanning Windows, Microsoft Office, Android, OpenClaw, and IoT devices — underscores the ambition of the claims, even as their verifiability remains in question.
Credibility concerns, however, temper the significance of 360's announcements. A separate Windows kernel vulnerability, CVE-2026-24293, which 360 claimed to have discovered, was officially credited by Microsoft to researchers from Taiwan and South Korea — a discrepancy that raises legitimate doubts about the accuracy of the firm's broader attribution claims. ETH Zurich cybersecurity researcher Eugenio Benincasa, who specializes in Chinese cyber operations and analyzed the claims through the Natto Thoughts blog, appears to have been among the first Western analysts to scrutinize the assertions in depth. His involvement signals that the security research community is treating the claims as analytically significant, even if not fully credible at face value.
The comparison to Claude Mythos places these developments within a rapidly evolving competitive landscape between American and Chinese AI capabilities in the offensive cybersecurity domain. Anthropic's Mythos is described as a frontier model with autonomous vulnerability discovery capabilities at a comparable scale to what 360 is claiming. Critically, Anthropic has withheld public release of the model specifically to prevent abuse, making it available only to a few dozen major organizations through the restricted Project Glasswing program. This controlled deployment reflects growing industry awareness that advanced AI systems capable of identifying zero-day vulnerabilities at scale represent a qualitatively different class of risk than prior generations of AI-assisted security tools.
The geopolitical dimensions of the comparison are further sharpened by statements from Anthropic's own CEO, who has suggested that open source models and Chinese developers could replicate Mythos-level performance within a 6-to-12-month window — a timeline corroborated by researchers at cloud security firm Wiz. If accurate, this assessment implies that the strategic advantage conferred by restricting access to models like Mythos may be narrow and time-limited. The 360 claims, whether fully substantiated or not, serve as a data point consistent with that trajectory: Chinese firms are openly benchmarking their AI security capabilities against the most capable known Western systems and presenting parity or near-parity as an achievable near-term outcome.
The broader trend illuminated by this episode is the accelerating militarization of AI capabilities in the cybersecurity domain, with autonomous vulnerability discovery emerging as a key benchmark of frontier model performance. The fact that both American and Chinese actors are now publicly discussing AI systems capable of finding hundreds of high-severity vulnerabilities — across major commercial platforms — marks a meaningful threshold in the threat landscape. Whether 360's specific claims hold up to scrutiny, the competitive dynamic they represent is real: the race to deploy AI systems capable of offensive cyber operations at machine speed is no longer hypothetical, and the institutional controls that entities like Anthropic are attempting to impose through restricted access programs face mounting pressure from both the pace of open-source development and the ambitions of state-adjacent security firms operating outside those frameworks.
Read original article →