A new AI-powered computer worm could prove to be the stuff of cybersecurity nightmares

https://fortune.com/2026/06/03/a-new-ai-powered-computer-worm-could-prove-to-be-the-stuff-of-cybersecurity-nightmares/

Publish Date: 2026-06-03 13:42:00

Source Domain: fortune.com

In cybersecurity, few words trigger more dread than ‘wormable’—a vulnerability that could be weaponized into a self-spreading worm. Now researchers at the University of Toronto have demonstrated something worse: an AI-driven worm that can’t be stopped by patching a single flaw, because it uses reasoning to detect and exploit different vulnerabilities as it spreads. 

In a new paper released yesterday, ‘AI Agents Enable Adaptive Computer Worms,’ the researchers explain that traditional worms exploit a single vulnerability—patch it, and you stop the spread. But AI agents go further: the worm they built generates tailored attack strategies, with no human intervention, by hijacking compromised machines and running open-weight LLMs to simultaneously reason and extend its reach. 

The researchers ran the worm 15 times on a simulated 33-machine corporate network. On average, in one week with zero human involvement, the worm broke into nearly three-quarters of the machines on the network, and set up a permanent presence on nearly two-thirds of them.

In addition, the LLMs’ knowledge cutoff—a date after which they don’t know about new vulnerabilities—did not stop the worm. The researchers showed the worm could read fresh, publicly available vulnerability advisories online in real time—the same ones security teams use—and figure out how to exploit those new flaws on its own.

Findings come after Anthropic’s Mythos wake-up call

The paper’s findings come at a nervous moment for cybersecurity. Anthropic’s recently launched Mythos model, deployed only to companies with critical software through Project Glasswing, rattled enterprise security teams by revealing just how many unpatched software vulnerabilities exist across corporate infrastructure. Now the Toronto researchers are showing what happens when autonomous generative adversaries can find their way in without humans and without already-known exploits.

“This is…
