Qihoo 360’s Zhou Hongyi says its Tulongfeng swarm beats Anthropic’s Mythos bug-finding

Qihoo 360 CEO Zhou Hongyi went on stage at the 14th Beijing Cybersecurity Conference and made a claim that is, bluntly, hard to ignore: his company’s AI bug-finder is better than Anthropic’s Mythos. He also framed Mythos as something like a “cyber nuclear weapon,” in part because the USA’s ban on foreign nationals accessing the model denies the rest of the world a tool that can be used to find software flaws.

Zhou’s answer is Qihoo 360’s Tulongfeng approach, which he says does not just guess vulnerabilities, it confirms them. In his description, the system models threats and filters high-risk attack surfaces, then follows data flow across files to discover potential weaknesses. After that, Qihoo’s agents supposedly automatically build sandbox environments, automatically generate exploit code, and conduct real-world testing. The result, as Zhou described it, is that vulnerabilities are “confirmed” rather than merely suspected, and the swarm summarizes and reviews performance after tasks so it can get smarter with each use.

That is the pitch. Now here is why it matters beyond one conference-stage demo. Cybersecurity is one of those spaces where “capability” is partly about data, partly about compute, and partly about execution speed. Zhou directly acknowledged the bottleneck that shapes the competitive landscape: Mythos, he said, follows a “typical large-scale model approach,” where the strongest model, strongest computing power, and strongest chips come together. But he argued that the brute-force path has an implicit prerequisite: the model capabilities must be sufficiently strong. He then claimed domestically developed models still lag by 20 percent to 30 percent in underlying capabilities.

If that gap is real, it changes the incentives for everyone trying to compete with top-tier frontier models. Zhou said Qihoo 360 therefore cannot simply replicate Mythos. Instead, he described an alternative built from “distilling” 20 years of experience fighting cyber-threats and a “colossal malware library” into security-specific models and agents. In other words, rather than chasing a general-purpose model that can do everything, Qihoo is emphasizing a security workflow that is designed to produce actionable outcomes: identify surfaces, trace data flows, run tests, and generate proof.

The “multi-agent swarm” language is doing a lot of work here. Zhou compared it to the American approach of cultivating “a genius hacker,” while Qihoo frames its swarm as organizing a professional attack and defense team. The detail that sticks is the division of labor: one component models the threat and filters attack surfaces, another tracks data flow across files, and then the system shifts into automated sandboxing, exploit-code generation, and testing. Zhou’s argument is that this kind of iterative, task-specific loop is hard for a single large model to do. Qihoo calls the approach Tulongfeng.

The company also offered specific examples to bolster its credibility. Zhou said Qihoo 360 automatically discovered a Windows kernel privilege escalation vulnerability that had been dormant for five years; an Office remote code execution vulnerability dormant for eight years; and an Excel vulnerability dormant for 10 years. He also said these issues earned “official recognition from Microsoft.” Zhou further said the tool found plenty of flaws in OpenClaw, a feat that human researchers have also achieved.

Then the story widens from bug-finding to offense-and-defense automation. Zhou said Qihoo 360 created another AI-powered security tool called “Yitianzhen” that automatically simulates potential attacks against an organization’s cyber-defenses, then suggests and/or implements remediations. Qihoo also said it has created an alliance of local cybersecurity companies to use it and build what it calls a bulwark against Project Glasswing, the group of entities Anthropic allows to use Mythos under controlled conditions. In board terms, that is not just about a tool. It is about an ecosystem strategy that seeks to turn access controls and model availability into a competitive and national-security narrative.

Layer in regulation and sanctions, and the stakes get even more complicated. Qihoo 360 is a Chinese cybersecurity vendor that the US has banned, and US authorities have sanctioned it on grounds that it probably supplies China’s military. Meanwhile, China’s National Computer Virus Emergency Response Center (CVERC) reportedly often cites and publicizes Qihoo’s research, sometimes in documents that allege the US hacks itself to make China look bad. For executives, that means any discussion of “best AI vulnerability finder” immediately becomes a question of supply chain risk, compliance exposure, and how quickly security capabilities can move across geopolitical lines.

If you run security, product, compliance, or risk for a global organization, this is a live-wire moment. A system that can allegedly confirm vulnerabilities through automated sandboxing, exploit generation, and real-world testing is the kind of capability that compresses the time between discovery and exploitation. Meanwhile, the deterrent framing suggests this is not purely about defensive hardening. It is also about keeping pace under constraints, especially when access to frontier capabilities like Mythos is restricted by national policy. The strategic question for peers in similar roles is straightforward: how do you validate the strength of your defenses and your patch priorities when vulnerability discovery itself is becoming more automated, more persistent, and, according to Qihoo, more “confirmed” by design?