The new threat can tailor its attack and learn new strategies with each machine infected.
By Steve Dent June 3, 2026 5:19 am EST
We've seen how AI can be used to find flaws in apps and websites, but researchers have now demonstrated how it could be weaponized to exploit those vulnerabilities. A team from the University of Toronto used publicly accessible AI models to power a prototype worm capable of exploiting any known computer flaw. Such worms could then spread through networks and cause chaos across the internet.
A typical worm is designed by skilled programmers to exploit specific network flaws and can be stopped by patching those flaws. However, the U of T scientists, working in a secure closed environment and taking extensive precautions, used open-weight (open-source) AI models to create a far more sophisticated prototype worm that spread through the team's test network with no human intervention.
This new type of worm tailors its attack to different types of flaws across multiple platforms, including Linux, Windows and IoT devices. It gathers data as it moves through the network, siphoning passwords and uncovering more vulnerabilities that will help it take over other machines. If an infection is discovered and patched on a computer, the worm can exploit other flaws to attack the same machine.
What's more, the worm "feeds" itself by siphoning processing power from infected machines to power its reasoning and strategy for future attacks. "Hackers have typically had to prioritize the most high-value targets because time and computing resources were limited," said the lead author, Nicolas Papernot. "But now, once a worm is launched, the cost would drop to nearly zero."
The idea of AI-powered cyber threats became very real recently with Anthropic's launch of Mythos, a model that can identify previously unknown cybersecurity risks. Anthropic has said that Mythos has already uncovered more than 10,000 flaws, boosting its partners' bug-finding rate by more than a factor of 10. Cloudflare, which helps protect companies from malicious attacks, found 2,000 such vulnerabilities, including 400 considered high or critical.
The prototype worm created by the researchers can only exploit known flaws; unlike Mythos, it cannot find unknown ones. However, it's easy to see how bad actors could adapt it to both find and exploit new vulnerabilities — which would make it nearly unstoppable if released into the wild. "In an interconnected world, no system is immune to this threat," Papernot said. "Sharing these findings is the first step in galvanizing researchers, industry leaders and policymakers to take action — and quickly."