AI malware can now evade Microsoft Defender — open-source LLM outsmarts tool around 8% of the time after three months of training

The cybersecurity industry's giving Chicken Little a run for his money. Companies have been quick to proclaim that AI will fundamentally change the security landscape, which means every new capability added to a large language model (LLM) can be made into a "the sky is falling" moment, with the latest example being the development of AI malware that can successfully work around Microsoft Defender.

Dark Reading reported Wednesday that researchers from Outflank plan to show off this new AI malware at Black Hat 2025 in August. But don't throw away Windows Defender just yet.

But here's the rub: the report said Avery's "model was able to generate malware capable of totally bypassing Microsoft Defender for Endpoint about 8% of the time." That compares favorably to other models—he told Dark Reading that "Anthropic's AI could do the same less than 1% of the time, and DeepSeek's less than 0.5% of the time," which means his model is significantly more effective at this task—but it's hardly the kind of plug-and-play performance most script kiddies would expect.

Nathaniel Mott
Freelance News & Features Writer

Nathaniel Mott is a freelance news and features writer for Tom's Hardware US, covering breaking news, security, and the silliest aspects of the tech industry.