One of China’s leading artificial intelligence (AI) models, Z.ai’s GLM-5.2, is close to beating U.S. models on some cybersecurity metrics.
Z.ai, formerly known as Zhipu, was added to the U.S. Commerce Department’s trade blacklist last year. Some of its shareholders are reportedly controlled by the regime in China, and the company allegedly supports China’s military advancement.
Now, its freely available AI model could be used by hackers and terrorists to cause global chaos and destruction.
Z.ai’s model is free and open-weight, meaning it can be downloaded, altered, and run on a user’s own equipment. Unlike open-source, the data and training methods remain proprietary.
Still, the company and nation-states cannot block or control its operations. Once released, the system could be used by hackers and terrorists to find and exploit vulnerabilities, whether through cyberattacks, mass bespoke disinformation campaigns, the creation of new bioweapons, or the discovery of as yet unknown societal vulnerabilities.
If energy and compute constraints could in the future be solved for small actors, they could potentially use open-weight models to recursively improve AI to the point where a model reaches superintelligence, goes rogue, or both.
The ability of hackers to use GLM-5.2 secretly and with ease increases the risk of a future “bugmageddon” if cybersecurity defenders cannot use the same or similar systems to find and fix their vulnerabilities first.
The origin of GLM-5.2 in China means the regime in Beijing could have influenced the code, including its depiction of the Chinese Communist Party (CCP). It could be built with hidden backdoors that facilitate the CCP’s own hacking and surveillance of global users. More broadly, GLM-5.2 and the availability of powerful U.S. semiconductors in China add to the competitiveness of China’s AI development, which will boost China’s economy and military technology.
China’s AI companies may have gotten an assist from mid-June U.S. controls and pressure against the availability of leading U.S. models, including Anthropic’s Mythos and Fable, and OpenAI’s GPT-5.6. Within ten days of the controls, GLM-5.2 gained top or near-top rankings on several leaderboards, including Design Arena, Artificial Analysis, and SWE-bench PRO. Z.ai’s market capitalization rose to $128 billion.

The U.S. restrictions were meant to reduce the possibility that Anthropic and OpenAI models would be used to trigger a “bugmageddon” effect by hackers and adversary governments. But another concern quickly rose in China’s ascendancy on some metrics. So the United States rolled back its restrictions, and on July 1, Fable became globally available again.
The more powerful Mythos was available to leading U.S. national security and corporate cybersecurity entities, enabling them to harden their systems against cyberattacks. Its availability to U.S. global partners is still pending, however, which led some to call for greater AI development within their own nations.
The rolled-back restrictions indicate the tightrope regulators must walk between ensuring the United States leads in AI and mitigating the risk that the rapidly evolving technology is used against it, including by the CCP. The neck-and-neck AI race between the United States and China will increase the CCP’s diplomatic influence among those willing to look the other way regarding Beijing’s authoritarianism and espionage.
Meanwhile, prepare for cybersecurity chaos over the next six months to a year as malign actors use GLM-5.2 and other open-weight AI to hack democratic governments, Western corporations, and others who, in some cases, are unprepared to fight fire with fire.
Unlike the United States, which responsibly attempted to limit the use of such models to the most trusted U.S. and UK entities, the regime in Beijing allowed the global, public release of GLM-5.2 with only weak guardrails. This indicates the CCP’s irresponsibility and short-sightedness. Rogue AI may one day attack not only the democracies, but all of humanity.







