A New Geopolitical Flashpoint: AI Vulnerability Discovery
Artificial intelligence has rapidly transformed from a productivity tool into the centerpiece of a hard-power competition, nowhere more acutely than in software vulnerability discovery. When Anthropic introduced its Mythos model in April 2026, it didn’t just release a tool; it effectively created a new standard for automated offensive cyber operations. Mythos demonstrated staggering capability, sifting through massive codebases to uncover over 6,000 high- or critical-severity vulnerabilities in brief trials with tech giants and the NSA.
Predictably, this capability triggered a defensive wall. U.S. authorities, sensing the strategic risk of such technology falling into adversarial hands, responded with stringent export controls. Anthropic was explicitly forbidden from releasing Fable—the purportedly guardrailed, public-accessible version of Mythos—to foreign nationals. The move triggered a global suspension of services, mirroring similar restrictions placed on OpenAI’s GPT-5.6. This is the new reality: vulnerability research as a restricted good. But where American companies are building massive, centralized models, China is looking for a different, swarm-based path toward technical parity.
Tulongfeng: Qihoo 360’s Swarm-Based Answer
During the 14th Beijing Cybersecurity Conference in June 2026, Chinese cybersecurity heavyweight Qihoo 360 didn't try to hide the reality of the race. Founder Zhou Hongyi openly acknowledged that Chinese base large language models currently trail their American counterparts by roughly 20 to 30 percent in raw, front-end capability. Attempting to match the U.S. "brute-force" computing strategy—pouring vast GPU resources into single, massive models—isn’t currently viable for Chinese firms under current hardware sanctions.
Instead, Qihoo 360 has pivoted toward a multi-agent approach dubbed "Tulongfeng." Rather than relying on a single, all-knowing "genius hacker" model, Tulongfeng functions as an automated swarm, mimicking a professional human attack-and-defense team. It leverages over two decades of proprietary threat-hunting data and malware repositories to model threats, trace intricate data flows between files, launch isolated sandbox environments, compile exploit code, and verify results for accuracy. It’s a distributed, iterative approach—think of it less as a single supermodel and more as an aggressive, high-speed digital infantry unit.
The Defensive Counterweight: Yitianzhen
Qihoo 360’s announcement was not confined to offense. Alongside the Tulongfeng swarm, the company introduced "Yitianzhen," an automated attack simulation and remediation platform. The strategic framing here is critical. Qihoo 360 is actively constructing a local cybersecurity coalition among domestic Chinese players, directly positioning Yitianzhen as a defensive counterweight against Anthropic’s "Project Glasswing."
Project Glasswing, for the uninitiated, is the closed, invite-only network of partner organizations that receive continued access to Mythos for hardening their defensive infrastructure. By fostering a local alliance around Yitianzhen, Qihoo 360 is attempting to build a secure domestic ecosystem that can remediate vulnerabilities—and presumably test defenses—without reliance on inhibited U.S.-developed frontier AI. It’s a bifurcated approach to security: defensive hardening and offensive capability developed in lockstep, effectively ring-fencing the domestic tech space.
Claims versus Geopolitical Reality
The claims surrounding Tulongfeng are ambitious. Qihoo 360 asserts the system has unearthed between 3,000 and 3,432 vulnerabilities to date, including a Windows kernel privilege escalation bug dormant for five years, an Office RCE (eight years dormant), and an Excel flaw that had gone unnoticed for a decade. These aren't just theoretical vulnerabilities; these are substantial, actionable flaws that have earned recognition from Microsoft themselves.
However, viewing this development through a purely commercial intelligence lens is a mistake. Qihoo 360 has operated under a U.S. Commerce Department blacklist since 2020, cited for direct military linkages. In 2026, the Pentagon reaffirmed this classification, naming it a contributor to the Chinese defense industrial base. A 2025 congressional report further cemented this status, confirming that the company leads China's Cyberspace Security Military-Civil Integration Innovation Center.
The implications are clear to experts like Georgetown’s Dakota Cary, who noted that Qihoo 360 is a primary contributor to China's National Information Security Vulnerability Database—the database managed by the Ministry of State Security. Historically, the process of submitting vulnerabilities there has been far from transparent. China has frequently delayed public disclosure of discovered bugs to, in effect, weaponize the reconnaissance as part of national power projection. When Five Eyes cyber chiefs recently declared that adversarial AI cyberattacks would scale in "months, not years," they weren't just discussing the speed of machine learning; they were referring to the speed at which this new generation of AI-enabled reconnaissance can be integrated into the state's existing offensive cyber apparatus.
The bottom line is that the cybersecurity landscape has been irrevocably altered. As automated systems become more capable of identifying the "seams" in global software dependencies, the advantage will not necessarily go to the biggest model, but to those who can most effectively integrate these AI-driven findings into operational networks. Qihoo 360 is demonstrating that a swarm, when effectively directed, can be just as potent as the monolithic engines emerging from Silicon Valley. We are no longer chasing patches; we are now in an algorithmic arms race where the weapon, the target, and the patch are all being developed by machine, at speeds that redefine the concept of a vulnerability disclosure timeline entirely.