In a controlled lab, researchers demonstrated an AI-driven worm that can propagate across Linux, Windows, and IoT devices by exploiting real-world network vulnerabilities, enabling self-sustaining attacks with minimal human input.

A University of Toronto team published findings describing a new AI-powered worm built with freely available open-weight AI models that can adapt as it spreads, potentially compromising entire networks at near-zero marginal cost.

The project, a collaboration among the University of Toronto, the Vector Institute, and the University of Cambridge, shows the worm can reason its own attack strategy in real time rather than rely on a fixed exploit list.

Defensive implications emphasize monitoring for adaptive attack paths, reducing attack surfaces, enforcing segmentation, and zero-trust controls rather than relying on static signatures.

Researchers argue that publicly revealing these findings serves as a defensive measure to spur countermeasures and resilience, highlighting the importance of timely software updates, strong passwords, and multifactor authentication.

Although demonstrated in a controlled setting, the study underscores broad cybersecurity risks given society’s dependence on interconnected digital systems across essential services such as water, energy, finance, health care, and transportation.

Access to the code remains restricted to qualified defensive researchers via a University of Toronto vetting process.

Tests focused on publicly disclosed, unpatched vulnerabilities and misconfigurations; three 2026-disclosed vulnerabilities were included after the model’s training cutoff without preloading an exploit catalog.

The findings note that the threat could exploit software vulnerabilities and user issues beyond advanced AI, meaning patches and updates may be insufficient in some cases.

Experts call for immediate, coordinated action from researchers, industry leaders, and policymakers to mitigate evolving AI-powered threats and bolster defenses across all connected devices.

In an interconnected world, no system is immune, and the goal is to mobilize researchers, industry, and policymakers to act urgently against AI-driven cyber threats.

The researchers published the paper to raise awareness while withholding certain details (like the open-source model identity and specific steps) to reduce misuse risk.