{"id":205837,"date":"2026-04-23T08:36:00","date_gmt":"2026-04-23T12:36:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/04\/23\/chinese-cybersecurity-firms-ai-hacking-claims-draw-comparisons-to-claude-mythos\/"},"modified":"2026-04-25T12:21:06","modified_gmt":"2026-04-25T16:21:06","slug":"chinese-cybersecurity-firms-ai-hacking-claims-draw-comparisons-to-claude-mythos","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/04\/23\/chinese-cybersecurity-firms-ai-hacking-claims-draw-comparisons-to-claude-mythos\/","title":{"rendered":"Chinese Cybersecurity Firm&#8217;s AI Hacking Claims Draw Comparisons to Claude Mythos"},"content":{"rendered":"<p><a href=\"https:\/\/www.securityweek.com\/chinese-cybersecurity-firms-ai-hacking-claims-draw-comparisons-to-claude-mythos\/\">Chinese Cybersecurity Firm&#8217;s AI Hacking Claims Draw Comparisons to Claude Mythos<\/a><\/p>\n<p><a href=\"https:\/\/www.securityweek.com\/chinese-cybersecurity-firms-ai-hacking-claims-draw-comparisons-to-claude-mythos\/\">https:\/\/www.securityweek.com\/chinese-cybersecurity-firms-ai-hacking-claims-draw-comparisons-to-claude-mythos\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-23 08:36:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.securityweek.com\">www.securityweek.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>A Chinese cybersecurity firm has claimed AI-driven vulnerability discovery capabilities that approach the scale of those attributed to Anthropic\u2019s recently unveiled Claude Mythos model.\u00a0<\/p>\n<p>The claims have been analyzed by Eugenio Benincasa, an ETH Zurich cybersecurity researcher focusing on China, in a post published on the Natto Thoughts blog.<\/p>\n<p>Anthropic claims that its new Mythos frontier model has autonomously discovered thousands of vulnerabilities. To prevent potential abuse, Mythos has not been publicly released and is only available to a few dozen major organizations through Project Glasswing.\u00a0<\/p>\n<p>However, Anthropic\u2019s own chief executive has suggested that open source models and Chinese developers could replicate Mythos-level performance within 6-12 months, a view echoed by researchers at cloud security firm Wiz.\u00a0<\/p>\n<p>According to Benincasa, claims made by the 360 Digital Security Group at 360 Security Technology (Qihoo 360), one of China\u2019s largest cybersecurity companies, in the weeks surrounding Anthropic\u2019s unveiling of Claude Mythos suggest that the company\u2019s AI may have similar vulnerability-discovery capabilities.\u00a0<\/p>\n<p>360 Digital Security Group\u2019s claims center on an internally developed \u2018Multi-Agent Collaborative Vulnerability Discovery System\u2019, which appears to have played an important role in its first-place finish at Tianfu Cup, a major Chinese hacking competition that was revived this year.\u00a0Advertisement. Scroll to continue reading.<\/p>\n<p>The firm says the system contributed to roughly half of the vulnerabilities it identified at the contest, finding close to 1,000 vulnerabilities in total, including over 50 high-severity flaws across Windows, Microsoft Office, Android, OpenClaw, IoT devices, and other products.<\/p>\n<p>The most striking individual claim involves CVE-2026-32190, a critical Office vulnerability that 360 says its AI agent identified within minutes, after it had allegedly gone undetected for roughly eight years. A separate Windows kernel vulnerability (CVE-2026-24293) was also claimed, though Microsoft credits researchers from Taiwan and South Korea with that discovery, casting doubt on 360\u2019s claims.<\/p>\n<p>Benincasa cautions that while 360\u2019s AI capabilities appear significant, they do not yet appear to match the reasoning capabilities described for Claude Mythos. A closer comparison, the expert suggests, is Google\u2019s Big Sleep, which accelerates discrete stages of vulnerability research rather than operating as a fully autonomous agent.\u00a0<\/p>\n<p>However, the expert believes other aspects may ultimately matter more than any technical comparison. Chinese legislation requires private companies and researchers to report vulnerabilities to government agencies before disclosing them publicly, effectively channeling elite security research into state intelligence pipelines.\u00a0<\/p>\n<p>This puts China at an advantage compared to the United States, Europe, and other democratic countries, Benincasa noted.<\/p>\n<p>As for Mythos\u2019 capabilities, outside of Anthropic\u2019s claims, Mozilla said the AI helped it find over 270 Firefox vulnerabilities, and Palo Alto Networks reported a significant boost in vulnerability discovery.\u00a0<\/p>\n<p>Others, however, pointed out that only a few dozen public CVEs have been credited to Anthropic and only one specifically to Glasswing.<\/p>\n<p>Related: AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers<\/p>\n<p>Related: White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Chinese Cybersecurity Firm&#8217;s AI Hacking Claims Draw Comparisons to Claude Mythos https:\/\/www.securityweek.com\/chinese-cybersecurity-firms-ai-hacking-claims-draw-comparisons-to-claude-mythos\/ Publish Date: 2026-04-23&#8230;<\/p>\n","protected":false},"author":1,"featured_media":205838,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.securityweek.com\/wp-content\/uploads\/2025\/11\/China-APT-AI-artificial-intelligence.jpeg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,27],"class_list":["post-205837","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/205837"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=205837"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/205837\/revisions"}],"predecessor-version":[{"id":205839,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/205837\/revisions\/205839"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/205838"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=205837"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=205837"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=205837"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}