TL;DR: The primary AI security threat has shifted from public model capabilities to automated vulnerability discovery. While Western developers lead in creating models like Anthropic's Mythos that find zero-day bugs in minutes, governments and enterprises lack the defensive policy infrastructure to patch these flaws before state-backed actors exploit them.
Washington and Beijing currently focus their regulatory efforts on model parameters, chip export bans, and API restrictions. However, this public focus misses the actual front line of the global technology race: automated vulnerability discovery. Security teams and state-backed groups now use frontier models to identify and exploit zero-day software vulnerabilities at a speed humans cannot match. See our Full Guide to understand how leading labs restrict access to their core codebases to prevent adversarial exploitation.
Why is AI vulnerability discovery the new focus of cyber defense?
AI models can now scan complex codebases and identify zero-day software vulnerabilities in minutes instead of months. For example, Anthropic’s Mythos model discovered a 17-year-old flaw in the FreeBSD operating system that allows attackers to run arbitrary code, alongside a 16-year-old memory corruption bug in the FFmpeg multimedia framework. Our security team at Xint reproduced these findings, uncovering 12 additional zero-days within those same codebases. We also identified a critical nine-year-old vulnerability in the Linux kernel that grants complete system control, discovering the exploit path in less than one hour.
The speed of these automated discoveries changes the nature of cybersecurity. If an organization releases or open-sources a highly capable model without restriction, adversaries can immediately use it to scan global infrastructure for unpatched flaws. Google’s Threat Intelligence Group (GTIG) recently confirmed it thwarted an AI-driven attack in which hackers used an LLM to bypass two-factor authentication via a zero-day exploit. Because the defensive capability is so potent, keeping these models restricted is a matter of national security.
How does China approach the AI security market?
China is executing a state-directed national strategy to build parallel offensive and defensive AI-driven cyber capabilities, with its AI cybersecurity market projected to reach $8.7 billion by 2030. According to research firm IDC, this represents a 37-fold market expansion from 2025. An IDC senior research manager in China stated that China's own national equivalent to Western automated discovery systems will definitely emerge. This projection reflects actual policy: the Chinese government amended its cybersecurity law on January 1 to include extraterritorial enforcement and fines of up to $1.4 million per violation.
While the United States treats AI security as a voluntary compliance exercise, Beijing integrates AI vulnerability discovery directly into its state intelligence apparatus. Google's Threat Intelligence Group documented the North Korean military group APT45 using AI to run thousands of exploit checks. Simultaneously, Chinese state-linked operators use AI for automated target probing and vulnerability hunting. These incidents prove that state actors are already moving past conversational chatbots to deploy AI as an offensive hacking engine.
Why are current Western compliance frameworks failing to secure AI deployments?
Standard compliance audits like SOC 2 and FedRAMP only verify the existence of policy controls rather than testing whether the underlying code is actively exploitable. These frameworks check whether an organization has a security policy, but they do not run automated penetration tests to find zero-day bugs in active software. Currently, fewer than 1% of the zero-day vulnerabilities discovered by Anthropic's Mythos have been patched. The flaws are public knowledge among defense circles, but organizations have no funding or legal requirement to fix them.
This systemic defense failure leaves critical infrastructure exposed. The Cybersecurity and Infrastructure Security Agency (CISA), which oversees US infrastructure defense, has lost one-third of its workforce and faces a proposed $500 million budget cut. While US models lead in raw vulnerability discovery, the nation lacks the defensive infrastructure to implement the necessary patches. Consequently, advanced capabilities remain locked or restricted to prevent bad actors from using them to map out vulnerable American systems.
How must enterprise security strategies change to survive automated vulnerability hunting?
Organizations must transition from passive annual compliance audits to automated, continuous code exploitation testing using restricted, secure AI models. Waiting for annual security reviews is no longer viable when adversaries use AI to find zero-day vulnerabilities in under an hour. Companies must implement automated patching pipelines that match the speed of AI-driven threat discovery.
Furthermore, enterprises must strictly control how they deploy AI models within their development pipelines. House lawmakers are currently investigating Chinese AI models deployed in American critical infrastructure, citing risks of model distillation. The White House has also accused Chinese operators of distilling American frontier models to extract advanced capabilities without paying for development. Restricting model weights and API access is the only practical way to prevent adversaries from acquiring automated exploitation tools.
Key Takeaways
- Vulnerability discovery is the active front line: The geopolitical AI race is defined by which side can automate the discovery and patching of zero-day software vulnerabilities.
- Compliance models are outdated: Current compliance standards like SOC 2 fail because they audit security policies rather than running active code exploitation tests.
- Strategic restriction is necessary: US organizations must restrict API access and protect model weights to prevent adversaries from distilling defensive AI tools into offensive cyber weapons.