The cybersecurity industry’s giving Chicken Little a run for his money. Companies have been quick to proclaim that AI will fundamentally change the security landscape, which means every new capability added to a large language model (LLM) can be made into a “the sky is falling” moment, with the latest example being the development of AI malware that can successfully work around Microsoft Defender. Dark Reading reported Wednesday that researchers from Outflank plan to show off this new AI malware at Black Hat 2025 in August. But don’t throw away Windows Defender just yet.

According to its website, Outflank is a “highly skilled red team composed of experienced professionals” who “specialize in assessing resilience against advanced threats and training security teams for enhanced incident response.” Its principal offensive specialist lead, Kyle Avery, told Dark Reading that he spent three months and approximately $1,500 training the open-source Qwen 2.5 LLM to bypass Microsoft Defender. That’s a fairly steep but not insurmountable upfront cost for this capability.

But here’s the rub: the report said Avery’s “model was able to generate malware capable of totally bypassing Microsoft Defender for Endpoint about 8% of the time.” That compares favorably to other models—he told Dark Reading that “Anthropic’s AI could do the same less than 1% of the time, and DeepSeek’s less than 0.5% of the time,” which means his model is significantly more effective at this task—but it’s hardly the kind of plug-and-play performance most script kiddies would expect.
Full report: Qwen 2.5 open-source LLM outsmarts Microsoft Defender to install malware around 8% of the time after three months of training.