GLM-5.2, a new Chinese open-source AI model, is raising concerns due to its advanced hacking capabilities, making sophisticated attacks more accessible and cheaper for malicious actors. It rivals leading U.S. models like Claude Opus 4.8 and OpenAI's GPT-5.5 in agentic capabilities but costs half as much to operate. Security evaluations confirmed its strong performance in cybersecurity investigations and vulnerability discovery benchmarks. Researchers suggest GLM-5.2 might be an illegal distillation of GPT-5.5 and Opus 4.8, explaining its rapid advancement. Unlike commercial models, GLM-5.2 can be downloaded and modified, allowing users to remove safety controls and operate without commercial oversight. Hackers are actively discussing how to jailbreak GLM-5.2 for malicious purposes on Russian-language forums. The model enables personalized attacks, allowing lateral movement and exploit chaining similar to elite human attackers. Attackers can also get the model to explain how to bypass its own limitations. There are fewer mechanisms to stop open-source model misuse compared to commercial platforms like ChatGPT, where providers can detect and ban users. GLM-5.2 removes barriers for hackers, allowing them to build custom malicious tools like phishing email generators and fraud scripts locally. While current AI-generated exploits may not be highly sophisticated, the potential for increased scale with AI and LLMs is growing. Z.ai plans to release an open-source model rivaling Anthropic's Fable by year-end, with other Chinese companies also developing advanced models.