Chinese cybersecurity firm 360 Digital Security Group has made claims regarding its AI’s vulnerability discovery capabilities that draw parallels to Anthropic’s Claude Mythos. 360’s internally developed ‘Multi-Agent Collaborative Vulnerability Discovery System’ reportedly played a significant role in its top performance at the Tianfu Cup, where the firm claimed to find nearly 1,000 vulnerabilities, including a critical Office flaw, CVE-2026-32190, which it asserted had been overlooked for eight years. While some experts, including Eugenio Benincasa from ETH Zurich, acknowledge 360’s advancement in rapid vulnerability discovery, they caution that its AI does not match the complex reasoning abilities of Mythos. Furthermore, Chinese regulations require that vulnerabilities be reported to government entities prior to public disclosure, which may give Chinese firms an advantage in security research over competitors in democratic countries.

Anthropic: Anthropic is an AI safety and research company that develops the Claude family of frontier models focused on reliability and steerability. Recently, it announced Claude Mythos Preview, its most capable model to date, which excels at autonomous vulnerability discovery and exploit chaining in software. The news compares Chinese firm claims to Mythos capabilities, noting Anthropic restricts access via Project Glasswing to prevent abuse.
Claude Mythos: Claude Mythos, specifically the Preview version, is Anthropic’s newest frontier AI model demonstrating breakthrough performance in coding and cybersecurity tasks. It autonomously identifies vulnerabilities and chains exploits across major software without specialized training. The news uses it as the benchmark for evaluating 360 Digital Security Group’s similar AI claims.
Eugenio Benincasa: Eugenio Benincasa is a senior researcher in cyber defense at ETH Zurich and a contributor to the Natto Thoughts blog analyzing China’s cybersecurity landscape. In a recent post, he examined 360 Digital Security Group’s AI claims around Anthropic’s Mythos unveiling. He suggests 360’s system accelerates vuln research stages like Google’s Big Sleep but lacks Mythos-level autonomous reasoning, while noting China’s reporting laws provide strategic advantages.
Project Glasswing: Project Glasswing is an Anthropic-led initiative providing controlled access to Claude Mythos Preview for vulnerability hunting in critical software. It partners with major organizations like AWS, Apple, and Google to patch flaws before wider proliferation of such AI capabilities. The news mentions it as the exclusive distribution method for Mythos amid comparisons to Chinese AI advances.
Google’s Big Sleep: Google’s Big Sleep is an AI agent developed by Project Zero and DeepMind to automate stages of vulnerability research like fuzzing and analysis. It accelerates discrete parts of security workflows rather than full autonomy. Expert analysis in the news likens 360 Digital Security Group’s system more closely to Big Sleep than to fully agentic Claude Mythos.
360 Security Technology: 360 Security Technology, also known as Qihoo 360, is one of China’s largest cybersecurity companies providing security software and services. Its subsidiary 360 Digital Security Group recently claimed advanced AI-driven vulnerability discoveries, including at the Tianfu Cup hacking competition. The news highlights these claims as drawing comparisons to Anthropic’s Mythos model.
360 Digital Security Group: 360 Digital Security Group is a vulnerability research team under 360 Security Technology specializing in offensive security. It developed a Multi-Agent Collaborative Vulnerability Discovery System that contributed to its top finish at the revived Tianfu Cup. The news centers on its claims of AI finding critical flaws quickly, prompting comparisons to Claude Mythos though with noted doubts on some attributions.

{“Expert Comparison”: “Analysts note 360’s AI excels in scaled discovery speed but falls short of Mythos in complex reasoning with more advanced autonomous features.”, “Model Release Strategy”: “Anthropic limits the availability of Claude Mythos to a select group of organizations through Project Glasswing, focusing on enabling proactive security measures.”, “Vulnerability Reporting Laws”: “Chinese legislation requires that private companies and researchers submit vulnerability findings to government agencies before making them public, integrating key security research into state frameworks.”}