HomeEverythingEducation
Equities & FundsCrypto & Digital AssetsAI & TechnologyBusiness & CorporateUS Politics & PolicyGeopolitics & Global RiskMacro, Rates & FXCommodities & EnergyEuropean Politics & MarketsAsia-PacificReal Estate & Property
Story archiveAll categories
← All Stories

AI-driven worm can adapt and spread by exploiting new vulnerabilities

Created at 3 Jun · 11:39 AM2 sources↑ Market-relevant2 events
IN SHORT

Researchers have developed an AI-driven worm that can autonomously detect and exploit new vulnerabilities as it spreads, making it difficult to stop by patching a single flaw. This adaptive worm demonstrated the ability to infect nearly three-quarters of machines on a simulated corporate network within a week.

✉Newsletter

PiQ Daily

Pick your topics. Get only what matters, on your cadence.

Key Numbers

33simulated corporate network machines
15times the worm was run in simulations
one weektimeframe for worm to spread in simulations
nearly three-quartersmachines infected on average in simulations
nearly two-thirdsmachines with permanent presence established in simulations

Who's Involved

Researchers at the University of Toronto
developed the AI-driven worm and published findings
Gary McGraw
CEO of AI security nonprofit, calls it a wake-up call
Ari Herbert-Voss
CEO of AI cybersecurity startup RunSybil, emphasizes need for faster patching
Jamieson O'Reilly
offensive security specialist, views research as a warning sign
Robert Morris Jr.
creator of the 1988 Morris worm

↳ Why This Matters

This research demonstrates a significant leap in cyberattack capabilities, where AI can autonomously create and spread malware, potentially overwhelming traditional patching cycles and necessitating a fundamental shift in cybersecurity defenses.

Key facts

  • Researchers developed an AI-driven worm that can adapt and exploit new vulnerabilities.
  • The worm uses AI agents and LLMs to reason and extend its reach without human intervention.
  • In simulations, the worm infected nearly 75% of machines on a corporate network in one week.
  • The worm can read and exploit new vulnerability advisories in real time.
  • Experts warn this signifies a new era of machine-speed cyberattacks requiring faster patching.

Researchers at the University of Toronto have developed an AI-driven computer worm capable of autonomously detecting and exploiting new vulnerabilities as it spreads, presenting a significant cybersecurity threat. Unlike traditional worms that exploit a single known flaw, this AI worm uses open-weight Large Language Models (LLMs) to reason and adapt, identifying and leveraging new exploits in real time.

In simulations on a 33-machine corporate network, the worm successfully infiltrated nearly three-quarters of the machines and established a permanent presence on almost two-thirds within one week, without any human intervention. This capability means that even if one vulnerability is patched, the worm can find and exploit others. Experts like Gary McGraw and Ari Herbert-Voss view this development as a critical wake-up call for the cybersecurity industry, highlighting the need for organizations to accelerate their software patching efforts to keep pace with machine-speed attacks.

While some, like Jamieson O'Reilly, note that current defensive controls and the logistical challenges of moving large AI models could mitigate immediate risks, they agree that AI is steadily lowering the expertise required for sophisticated cyberattacks. The research underscores the urgency for security teams to invest in fixing software vulnerabilities and develop more precise defensive strategies.

Frequently asked questions

Traditional worms exploit a single known vulnerability, which can be stopped by patching that specific flaw. The AI-driven worm can autonomously detect and exploit multiple, even newly discovered, vulnerabilities as it spreads.

The worm uses open-weight LLMs to reason, analyze vulnerability advisories in real time, and generate tailored attack strategies to exploit new flaws without human intervention.

In a simulated 33-machine corporate network, the AI worm infected nearly three-quarters of the machines and established a permanent presence on almost two-thirds within one week.

The development signifies a new era of adaptive, machine-speed cyberattacks, emphasizing the critical need for organizations to accelerate software patching and improve defensive precision.

What Happens Next

01Security teams must invest in fixing software vulnerabilities.
02Organizations need to accelerate patching efforts to stay ahead of machine-speed attacks.

Get the newsletter.

Pick the topics you actually care about. We'll email when there's news worth your time, on the cadence you choose. Cancel any time from your account.

Cadence

How It Developed

3 Jun · 5:42 PM
Researchers demonstrate an AI worm that adapts to new vulnerabilities in real-time, bypassing traditional patching methods.
Fortune via PiQSuite
3 Jun · 11:14 AM
Computer worms are evolving with AI, enabling chatbots to generate malicious code and accelerate cyberattacks.
The Independent | News via PiQSuite

Sources

T1
How computer worms and AI chatbots pose a 'new era' of hacking threatsm.piqsuite.com
T1
A new AI-powered computer worm could prove to be the stuff of cybersecurity nightmaresm.piqsuite.com

Related Stories

SpaceXAI Launches Grok 4.5 AI Model, Intensifying Rivalry with OpenAI
8 Jul · 11:00 AM
World Cup marred by AI-generated racist misinformation
8 Jul · 2:55 PM
Nvidia CEO Jensen Huang: Engineers prefer building AI agents to coding
9 Jul · 5:35 AM
Chinese AI labs pursue custom chips to lower costs but heavy upfront investment a risk
9 Jul · 8:06 AM
Meta's AI glasses privacy safeguards clash with broader data collection strategy
8 Jul · 5:35 PM