The article highlights a project aimed at using AI agents for malware detection, particularly in binary executables. Collaborating with reverse engineering expert Michał “Redford” Kowalczyk, the team created a benchmark to test how well AI can identify backdoors in binaries when source code is unavailable. Their findings were mixed. The AI model Claude Opus 4.6 detected backdoors in small to mid-sized binaries with only 49% accuracy, and many models displayed high false positive rates, flagging clean binaries as malicious. Recent security incidents underscore the urgency of this work. High-profile attacks, such as the Shai Hulud 2.0 compromise affecting numerous organizations, demonstrate vulnerabilities in software supply chains. Physical infrastructure is also at risk, with examples like hidden radios in solar power inverters. The article explains the complexity of binary analysis, noting that unlike source code, binaries consist of machine code stripped of high-level abstractions, making them difficult to analyze. The benchmark involved injecting backdoors into well-known open-source projects like lighttpd and dnsmasq. The AI agents were tasked with detecting these backdoors without the original source code. One example included a backdoor in lighttpd that executed commands from a hidden HTTP header, illustrating how attackers could exploit seemingly legitimate software. The project reveals both the potential and limitations of AI in enhancing cybersecurity through binary analysis.