China’s rapid push into AI-powered cybersecurity took a dramatic turn this week, underscoring both its technological ambitions and its willingness to chart a path very different from that of the United States.
At the ISC.AI 2026 conference in Beijing on June 24, Qihoo 360 founder Zhou Hongyi delivered a speech that was as political as it was technical. Standing before an audience of security professionals and government stakeholders, he declared that “China’s cybersecurity industry must have its own Mythos” – a clear reference to the U.S.-developed Claude Mythos model from Anthropic, which Washington has locked behind strict export controls and a carefully screened coalition of partners.
To back up that statement, Zhou unveiled Tulong Feng, a new AI “vulnerability agent” developed by 360. Inside the company, it is being positioned as China’s answer to Mythos: an autonomous system built to discover, analyze, and in some contexts exploit software vulnerabilities with minimal human guidance. Alongside it, Zhou introduced Yitian Zhen, an automated defense platform intended to orchestrate protective measures based on insights from models like Tulong Feng, and announced a domestic collective security initiative named “Panshi Zhidun” – literally “Shield of Bedrock” – meant to unite Chinese organizations around shared AI-driven cyber defense.
Zhou’s rhetoric around these tools was loaded with metaphor. He likened Mythos-style systems to “cyber nuclear weapons” in the age of artificial intelligence: force multipliers that can dramatically shift the balance of power in cyberspace. In his view, any country that fails to develop or obtain comparable capabilities risks strategic vulnerability – dependent on foreign technology, subject to export restrictions, and perpetually a step behind adversaries who do have such tools.
That framing matters because of what has happened in the United States. Claude Mythos, Anthropic’s specialized cybersecurity model, has been placed under heavy restraint. It is not a general-purpose chatbot: it is designed to accelerate vulnerability research, penetration testing, and exploit development, and the U.S. government moved quickly to fence it off. Access is filtered through export rules and a tightly controlled network of vetted institutions, with policymakers explicitly concerned that the same strengths that make Mythos useful to defenders could be weaponized by attackers.
China’s response, at least on paper, is almost the mirror opposite. Rather than concentrating high-end capability in a small circle under state-guided control, one of the country’s players has already gone in the other direction entirely. While Qihoo 360 presented its in-house agent as a national asset, another Chinese AI company, Z.ai, pushed the envelope by publishing a model with comparable vulnerability-hunting skills as open-weight code – meaning anyone can download it, run it on their own hardware, and fine-tune it without asking permission.
The contrast is striking. In the U.S. model, Mythos is treated like a strategic asset akin to a sensitive weapons system: restricted, monitored, and only shared with trusted partners. In China, at least in this instance, an analogous capability was effectively dropped into the open ecosystem. That move raises as many questions as it answers. It potentially accelerates domestic innovation by giving startups, researchers, and even students powerful tooling. But it also lowers the bar for malicious actors who no longer need to build such systems from scratch.
Tulong Feng itself is emblematic of where AI security research is heading. Rather than acting as a static scanner, it is designed more like an autonomous agent: it can explore codebases, generate and test hypotheses about potential flaws, chain together attack steps, and iterate on strategies based on feedback from the environment. In practice, that could mean rapidly mapping exposed services, crafting and refining exploits against unpatched systems, or stress-testing critical infrastructure software before an adversary does. Used defensively, such a system can help organizations find and fix weaknesses at a pace that human teams cannot match.
Yitian Zhen, the companion automated defense platform, is intended to close the loop. While tools like Tulong Feng operate on the offensive or diagnostic side – probing systems to see where they break – Yitian Zhen is designed to orchestrate responses: deploying patches, adjusting firewall rules, reconfiguring access controls, and in some cases triggering deception measures or segmented shutdowns when attacks are detected. If it works as advertised, it would form part of a broader trend toward “self-healing” networks and infrastructure that can adapt in real time to hostile activity.
The “Panshi Zhidun” (Shield of Bedrock) coalition is the political and organizational layer tying these initiatives together. Rather than leaving capabilities siloed inside a single company, 360 is positioning the alliance as a domestic security bloc that can share data, models, and best practices across government agencies, state-owned enterprises, and major private firms. That aligns neatly with Beijing’s long-running vision of integrating civil and military technology development and reducing reliance on foreign cybersecurity tools.
What makes the situation even more complex is that China is not just aiming to replicate American systems, but to construct its own narrative around them. Zhou’s talk repeatedly emphasized the idea of a distinct “Chinese mythos” for cybersecurity and AI – a story in which domestic models are not copies of Western tools but the logical next step in a self-sufficient technological trajectory. From this vantage point, export controls on models like Claude Mythos are not simply security measures; they are evidence that China must invest even more aggressively in its own stack, from chips to models to application frameworks.
At the same time, the decision by Z.ai to release an open-weight vulnerability-hunting model forces a broader debate about openness in cybersecurity AI. Traditional security tooling – such as exploit frameworks and penetration-testing suites – has long been publicly available, and defenders argue that openness allows them to understand and prepare for the worst. But AI changes the scale and speed. A highly capable, widely available vulnerability agent can, in theory, enable small, under-resourced threat actors to act with the effectiveness of a large, well-funded team.
This tension is not unique to China. Around the world, governments and companies are struggling with how to regulate and deploy AI that can be dual-use by design. Restricting access may slow malicious use, but it can also consolidate power in a handful of entities and disadvantage smaller defenders who cannot gain entry to closed programs. Broadly opening advanced models accelerates research and levels the playing field, but also broadens the pool of potential abusers. China’s emerging “mythos” around cybersecurity AI is, in a sense, a live experiment in where to draw that line.
From a strategic perspective, the emergence of Tulong Feng and its open counterparts signals that the era of “AI-augmented cyber operations” is no longer hypothetical. States with advanced AI ecosystems can build agents that continuously comb global software and network infrastructure in search of exploitable weaknesses. They can simulate attacks at massive scale, train defensive systems against realistic adversaries, and potentially discover previously unknown vulnerabilities in widely used platforms faster than traditional research teams.
For organizations trying to protect themselves, this new environment demands a step change in posture. Relying solely on periodic manual audits or traditional intrusion detection is no longer enough when attackers may be leveraging autonomous agents that never sleep. Enterprises – in China and abroad – will be pressured to deploy their own AI-driven defense systems, integrate continuous vulnerability discovery into development workflows, and adopt zero-trust architectures that assume internal compromise is always possible.
Looking ahead, it is likely that multiple “mythos-style” ecosystems will emerge, each reflecting the political and economic priorities of its home region. The U.S. may continue to keep its highest-end cybersecurity AIs gated and tied closely to national security interests. China, as suggested by the mix of state-aligned initiatives and bold open releases, may aim for a hybrid approach: flagship national models like Tulong Feng embedded in state frameworks, and a parallel open ecosystem that moves quickly and pushes technical boundaries. Other countries will have to decide which model to align with – tightly controlled, open and chaotic, or something in between.
What is already clear is that AI is reshaping not just the technical practice of cybersecurity, but its symbolism and storytelling. When Zhou Hongyi says that China now has its own mythos, he is asserting more than technological parity. He is claiming a narrative in which Chinese companies and institutions are no longer simply adopting foreign tools, but defining their own strategic doctrine for how intelligence – human and artificial – will be used to protect, and potentially project, power in the digital age.