China AI startup Z.ai’s open-source AI model GLM-5.2 is raising concerns among cybersecurity researchers that it could accelerate the spread of hacking capabilities, Axios reported on June 25.

GLM-5.2, released recently, has agentic capabilities comparable to Claude Opus4.8 and OpenAI GPT-5.5, while its operating cost is about half that level.

In security evaluations conducted separately by cybersecurity firms Graphstry and Semgrep, GLM-5.2 showed cyber investigation and vulnerability detection performance on par with major U.S. models. Graphstry also raised suspicion that GLM-5.2 could be the result of illicit distillation of GPT-5.5 and Opus4.8. Z.ai made no specific comment on the matter.

Unlike Claude or ChatGPT, GLM-5.2 is an open-weight model that anyone can download and modify. Users can remove safety guardrails or fine-tune it for specific tasks. Graphstry assessed GLM-5.2 as the first open-weight model it has tested that it could recommend for a "frontier-grade cybersecurity experience."

Jason Baker (제이슨 베이커) of GuidePoint Security said jailbreak methods to use GLM-5.2 for hacking work are already being shared on Russian-language hacker forums. He added that some have also confirmed safety guardrails can be lifted simply by saying they want to "protect our company from brute-force attacks," as if for defensive purposes.

Travis Lanham (트래비스 랜험), chief technology officer at Armadin, said GLM-5.2 can "automate lateral movement and exploit chaining after a system intrusion at an elite-hacker level." He said attackers can run it locally without safety guardrails, fine-tune it for a specific target and operate without being exposed to any provider or defender.

Halcyon ransomware threat intelligence analyst Roye Bass (로예 배스) said attackers can download GLM-5.2 and build their own tools to generate malicious content such as phishing emails and scam scripts. But Baker added that "the current level of AI-generated exploits and malware is not very high" and that technical capabilities to use AI and large language models for large-scale attacks have not yet caught up with the willingness to do so.

Z.ai founder Tang Jie (탕제) said the company will release an open-source model comparable to Anthropic Fable within this year. 360 Technology also said it has developed its own AI system to compete with Mythos.