Chinese AI Startup Zhipu Launches Free AI Agent - 1

Photo by Igor Omilaev on Unsplash

Chinese AI Startup Zhipu Launches Free AI Agent

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by Sarah Frazier Former Content Manager

The Chinese AI startup Zhipu has launched this Monday a free AI agent called AutoGLM Rumination, capable of searching the web and performing tasks autonomously.

In a rush? Here are the quick facts:

  • Chinese AI startup Zhipu launched a free AI agent, AutoGLM Rumination, capable of performing tasks autonomously.
  • The agent is powered by GLM-Z1-Air, which Zhipu claims is more efficient than rival DeepSeek’s R1.
  • The release intensifies AI competition in China and the world.

According to Reuters , Zhipu’s CEO Zhang Peng explained at an event in Beijing that the new agent can make decisions and operate independently to execute orders and instructions in multiple areas, such as travel planning.

AutoGLM is powered by the company’s AI models, including the reasoning model GLM-Z1-Air and GLM-4-Air-0414. Zhipu claims that its GLM-Z1-Air is more powerful than DeepSeek’s R1, one of its competitors, as it has similar capabilities and runs eight times faster and requires considerably fewer computer resources.

The release of the new AI agent at no cost increases AI competition in China and raises concerns for other AI startups in the region and the world.

The Chinese company Butterfly Effect recently gained attention after it released its first autonomous AI agent Manus AI . Videos of Manus’ performance went viral on a Discord community, challenging companies in Silicon Valley.

However, while Manus AI’s current rates start from $39 and can reach up to $200, AutoGLM Rumination is free through Zhipu’s official channels. Users will be able to test the AI agent through the mobile app and the website.

Just like with Manus and DeepSeek, the Chinese government is one of the investors in Zhipu. Just a few weeks ago, Zhipu announced a $137 million investment led by the state-backed firms Hangzhou City Investment Group Industrial Fund and Shangcheng Capital.

Zhipu was developed at the Tsinghua University laboratory, founded in 2019, and is now one of the leading AI startups in China.

Other American tech companies have also recently released AI agent models. A few days ago, Microsoft launched AI-powered security agents to detect cyberthreats and automate security tasks. In January, OpenAI introduced the autonomous AI agent Operator , available only to Pro users.

Fake Captcha Scam: How Hackers Trick Users into Downloading Malware - 2

Image by DC Studio, from Freepik

Fake Captcha Scam: How Hackers Trick Users into Downloading Malware

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

ClickFix Captcha presents itself as an innocuous verification test but cybercriminals use this tactic to distribute malware to unsuspecting users.

In a rush? Here are the quick facts:

  • Hackers use ClickFix Captcha to trick users into executing malware commands.
  • QakBot trojan is being delivered through fake captchas and hidden PowerShell scripts.
  • Attackers use XOR decryption to hide malicious code and evade detection.

The malware distribution method has been associated with ransomware delivery and the spread of QakBot banking trojan, and infostealers. Since its initial discovery in 2008, the researchers say that QakBot has evolved into a sophisticated piece of malware.

The security researchers at DarkAtlas Research Squad discovered a new attack that tricked users into thinking they were doing standard captcha work. Users were unknowingly running commands on their own computers without their knowledge.

The ClickFix Captcha directed users to activate Windows Key + R which automatically triggered a preloaded command stored in their clipboard. The command secretly downloaded an encrypted file from a remote server while executing malicious code without triggering any suspicion.

DarkAtlas also revealed that the malware used XOR decryption to hide its real purpose, making detection particularly difficult. The attackers created fake domains to host ZIP files containing malicious payloads.

Once downloaded, these files extracted and executed harmful scripts designed to steal sensitive information or deploy ransomware. Worryingly, the hackers could generate an unlimited number of unique URLs to distribute their malware, making it nearly impossible for security systems to blacklist them effectively.

This attack is in line with Q3/2024 report from Gen shows a dramatic increase in “Scam-Yourself Attacks” which deceive users into installing malware. The attackers use ClickFix scams together with fake CAPTCHA prompts and deceptive tutorials to gain control.

According to the report, AI and deepfake technology have made scams more difficult to detect. Users can stay protected from evolving threats with the help of Norton Genie.

The researchers advise that users should remain vigilant and avoid executing unexpected commands from unknown websites.