The artificial intelligence race has entered a new and more dangerous phase. This week, China’s leading cybersecurity company unveiled a pair of AI powered security tools it claims can match the capabilities of Anthropic’s Mythos, a system so powerful that the United States government has already moved to restrict its export on national security grounds. The announcement marks a significant escalation in the global AI arms race, one that blurs the boundaries between cyber defence and cyber warfare.What was announcedAt the ISC.AI 2026 cybersecurity conference in Beijing, 360 Security Technology introduced a platform called Yitian Tulong, comprising two AI models: Tulongfeng, designed for automated vulnerability discovery, and Yitianzhen, built for automated cyber defence and incident response.The name Yitian Tulong is drawn from a classic Chinese martial arts novel. Translated, it means “Heavenly Sword and Dragon Saber,” legendary weapons that, in the story, determine the fate of an entire world. The choice of name was not accidental. It evokes themes of unmatched power and national defence, underscoring the degree to which Beijing views AI cybersecurity tools as strategic necessities rather than optional luxuries.The first of the two tools, Tulongfeng, focuses on automated vulnerability discovery. The second, Yitianzhen, handles cyber defence and incident response. Together, the company is positioning them as both shield and sword in an intensifying AI driven security contest between the world’s two dominant technology powers.Why Mythos triggered this responseTo understand what drove China’s announcement, it helps to understand what Mythos is and why it alarmed governments on both sides of the Pacific.In April, Anthropic introduced Mythos as a system capable of autonomously finding flaws in widely used software, reporting that an early version had uncovered thousands of serious vulnerabilities across multiple operating systems, web browsers, and other applications. The implications were immediate. A tool that could systematically identify software weaknesses at that scale was not just a defensive asset. It was a potential offensive weapon of considerable power.The US government responded by ordering Anthropic to suspend exports of a less powerful version of Mythos to all destinations worldwide and to all foreign nationals, citing national security concerns.For Beijing, the reaction in Washington was itself alarming. If the United States was willing to classify a vulnerability finding AI as a restricted strategic asset, China reasoned, it could not afford to be left without an equivalent capability.The strategic argument behind the launchThe rationale offered for Yitian Tulong goes beyond corporate competition. It is explicitly framed as a matter of national security and strategic parity.The concept of “one way transparency” was central to the argument made at the launch: tools like Mythos could allow American actors to probe Chinese systems at will, while China remained unable to respond in kind. Without a domestic equivalent, critical infrastructure, government networks, and commercial systems could all be systematically mapped and analysed by foreign AI without any reciprocal ability to detect or respond.Chinese state media described Mythos as demonstrating “unprecedented cyberattack capabilities,” and the sentiment has fuelled widespread unease among Chinese technology and security officials. The launch of Yitian Tulong is, in part, an answer to that unease, a public signal that China is not prepared to accept a world in which one side alone holds this kind of capability.The capability gap and how 360 claims to bridge it360 Security’s founder did not pretend that Chinese AI has caught up with its US counterparts. He acknowledged a 20 to 30% capability gap compared to US models, but emphasised building a professional attack and defence team rather than relying on a single advanced AI.This is a meaningful strategic distinction. Rather than attempting to build a frontier model that matches Mythos on raw power, something made significantly harder by US export controls on advanced semiconductors, 360 combined AI models with cybersecurity expertise, vulnerability databases, and automated tooling. The result, the company argues, is a system that achieves comparable outcomes through a different architecture.The analogy offered at the launch was striking: if Mythos represents the approach of cultivating a single genius hacker, 360’s approach is to organise an entire professional attack and defence team. The aim is to create a stable, continuously operating system that can work around the clock and generate fewer errors, a factory floor rather than a prodigy.360 reported that Tulongfeng has identified 3,432 software vulnerabilities, including 105 confirmed by Chinese authorities, though these figures could not be independently verified.The broader picture: An accelerating arms raceThe announcement signals an escalating AI arms race in cyber offence and defence between the United States and China, one that other nations are watching with a mixture of alarm and urgency.The timing matters. US export controls on advanced chips have been tightening since 2022, designed to slow China’s ability to develop frontier AI models. Yet the Yitian Tulong announcement suggests that these restrictions, while consequential, have not halted China’s ambitions in AI powered cybersecurity. They have, instead, pushed Chinese developers toward more creative architectural approaches, combining what they have rather than waiting for what they cannot get.The emergence of a credible Chinese response to Mythos is widely expected to accelerate an AI driven cyber arms race, with both sides racing to develop tools that blur the lines between defence and offence.For enterprises outside the US and China, the picture is more complicated. Adoption of tools like Yitian Tulong would depend on trust, regulation, and data governance, and security teams may need to weigh the platform’s technical promise against questions about where data is processed and how findings are shared.What this meansThe world’s two largest AI powers are now both openly developing tools capable of finding and exploiting software vulnerabilities at scale. The technology that was once the domain of elite nation state hackers is being industrialised, automated, packaged, and framed as a matter of national sovereignty.Ironically, just as China unveiled its answer to Mythos, Anthropic itself was mid-crisis with the original: Fable 5 and Mythos 5 had been pulled offline on June 12 after a jailbreak let the model surface exploitable vulnerabilities, only returning, Fable 5 globally, Mythos 5 to a vetted US cohort, on July 1 after Commerce Department clearance. The timing is coincidental, not causal, but it underscores the point: both Washington and Beijing are now treating vulnerability-hunting AI as a strategic asset requiring state-level gatekeeping, not just a product feature.The Heavenly Sword and the Dragon Saber of Chinese legend were said to give their wielder dominance over the martial world. Whether Yitian Tulong lives up to its name remains unverified. What is beyond doubt is that the race to build the next generation of AI powered cyber weapons has moved decisively into a new chapter and the rest of the world is watching.Pravin Kaushal is a tech and social entrepreneur and Programme Director (Eastern India) at WHEELS Global Foundation, a Pan-IIT alumni initiative working across 20+ states in India. He writes on AI, Economy and Geopolitics and can be found on X at @ipravinkaushal.