“AI Worms”, researchers demonstrate autonomous malware capable of adapting to any online device

Pierluigi Paganini
June 10, 2026

A study by the University of Toronto shows how artificial intelligence can power autonomous worms capable of tailoring attacks against Windows, Linux and IoT devices.

A group of researchers from the University of Toronto has demonstrated how open-source artificial intelligence models can be used to create a new category of computer worms capable of autonomously adapting their attack strategies.

The study, first reported by The New York Times and published on the preprint server arXiv.org, describes a proof of concept developed in a controlled and isolated environment, but the conclusions reached suggest that the evolution of AI could profoundly alter the cyber threat landscape.

Credit: https://cleverhans.io/worm.html

Researchers argue that this poses a different threat to traditional worms, as it does not rely on a fixed set of vulnerabilities or predefined attack techniques. Instead, the malware is capable of observing its target, analysing its characteristics, and dynamically generating a compromise strategy tailored to the system it is facing.

From automation to intelligent adaptation

Worms that have made their mark on the history of cybersecurity, such as WannaCry, exploited specific vulnerabilities. Once the software flaw had been fixed or a patch applied, the malware’s ability to spread was drastically reduced.

In the model proposed by the University of Toronto, however, the worm does not rely on a single vulnerability. The artificial intelligence used by the prototype allows the malware to evaluate different attack paths and choose the most effective one based on the device it has identified. During the experiments, the worm managed to spread within a network comprising Windows and Linux systems and IoT devices, exploiting common…

Source

“AI Worms”, researchers demonstrate autonomous malware capable of adapting to any online device