AI Malware Worm Adapts to New Targets in Real Time, Cybersecurity Experts Say
Researchers warn that AI agents could enable a new class of cyber threat: adaptive computer worms that reason about targets, generate attack strategies in real time, and spread autonomously. A proof-of-concept worm built in a controlled virtual network could identify vulnerabilities, compromise systems, and self-replicate across Linux, Windows, and IoT devices while adapting to each target instead of using fixed exploits. In 15 experiments, it found an average of 31.3 vulnerabilities, compromised 23.1 hosts, and spread to about 20 machines over seven days; in some runs it reached seven generations of replication. The worm did not rely on cloud AI services, running models locally on infected machines and using newly published security advisories at runtime to exploit vulnerabilities disclosed after training. The study highlights a dual-use risk: AI may make malware more autonomous, harder to patch against, and more difficult to contain.
