{"id":225391,"date":"2026-06-03T13:42:00","date_gmt":"2026-06-03T17:42:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/03\/a-new-ai-powered-computer-worm-could-prove-to-be-the-stuff-of-cybersecurity-nightmares\/"},"modified":"2026-06-03T13:50:51","modified_gmt":"2026-06-03T17:50:51","slug":"a-new-ai-powered-computer-worm-could-prove-to-be-the-stuff-of-cybersecurity-nightmares","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/03\/a-new-ai-powered-computer-worm-could-prove-to-be-the-stuff-of-cybersecurity-nightmares\/","title":{"rendered":"A new AI-powered computer worm could prove to be the stuff of cybersecurity nightmares"},"content":{"rendered":"

A new AI-powered computer worm could prove to be the stuff of cybersecurity nightmares<\/a><\/p>\n

https:\/\/fortune.com\/2026\/06\/03\/a-new-ai-powered-computer-worm-could-prove-to-be-the-stuff-of-cybersecurity-nightmares\/<\/a><\/p>\n

Publish Date: 2026-06-03 13:42:00<\/a><\/p>\n

Source Domain: fortune.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. In cybersecurity, few words trigger more dread than \u2018wormable\u2019\u2014a vulnerability that could be weaponized into a self-spreading worm. Now researchers at the University of Toronto have demonstrated something worse: an AI-driven worm that can\u2019t be stopped by patching a single flaw, because it uses reasoning to detect and exploit different vulnerabilities as it spreads.\u00a0<\/p>\n

In a new paper released yesterday, \u2018AI Agents Enable Adaptive Computer Worms,\u2019 the researchers explain that traditional worms exploit a single vulnerability\u2014patch it, and you stop the spread. But AI agents go further: the worm they built generates tailored attack strategies, with no human intervention, by hijacking compromised machines and running open-weight LLMs to simultaneously reason and extend its reach.\u00a0<\/p>\n

The researchers ran the worm 15 times on a simulated 33-machine corporate network. On average, in one week with zero human involvement, the worm broke into nearly three-quarters of the machines on the network, and set up a permanent presence on nearly two-thirds of them.<\/p>\n

In addition, any LLM knowledge cutoff\u2014a date after which they don\u2019t know about new vulnerabilities\u2014did not stop the worm. The researchers showed the worm could read fresh, publicly available vulnerability advisories online in real time\u2014the same ones security teams use\u2014and figure out how to exploit those new flaws on its own.\u00a0<\/p>\n

Findings come after Anthropic\u2019s Mythos wake-up call<\/p>\n

The paper\u2019s findings come at a nervous moment for cybersecurity. Anthropic\u2019s recently launched Mythos model, deployed only to companies with critical software through Project Glasswing, rattled enterprise security teams by revealing just how many unpatched software vulnerabilities exist across corporate infrastructure. Now the Toronto researchers are showing what happens when autonomous generative adversaries can find their way in without humans and without without already-known exploits.<\/p>\n

\u201cThis is bigger than Mythos in my view,\u201d said Gary McGraw, CEO of the AI security nonprofit Berryville Institute of Machine Learning. \u201cThis shows what happens when a generic model that\u2019s open weights can be targeted, and it just sort of grinds relentlessly, looking for bugs.\u201d\u00a0<\/p>\n

What\u2019s new here, he told Fortune, is that AI has gotten so good at looking for bugs and finding exploits, that even the non-Mythos models, including smaller, open-weight LLMs, are now good enough to be the brains of a worm.\u00a0<\/p>\n

It should be a wake-up call to the industry, said McGraw, as was the famous Morris worm of 1988\u2014when Robert Morris Jr. created a worm at MIT, let it loose, and it rampaged across the early Internet like a wildfire.\u00a0<\/p>\n

Nearly four decades later, agentic AI is providing the \u201cbrain\u201d that looks for not just one bug, but any bug, he explained. Traditional worms, including important news-making ones like Heartbleed in 2014 and WannaCry in 2017, were all based on one particular bug.\u00a0<\/p>\n

\u201cNow, the worm can pick a target, and instead of seeing whether it has one bug that it knows about, it can just try to hack it with any bug that it can find,\u201d he said.\u00a0<\/p>\n

Ari Herbert-Voss, CEO of AI cybersecurity startup RunSybil and formerly OpenAI\u2019s first security hire, agreed that this is the latest reckoning for organizations, who need to accelerate patching efforts and stay ahead of a new generation of machine-speed attacks. \u201cOrganizations that continue to patch on human timelines will increasingly find themselves behind the curve,\u201d he said. <\/p>\n

Still, it is important to separate laboratory success from operational reality, pointed out Jamieson O\u2019Reilly, an offensive security specialist and founder of red-teaming startup Dvuln. \u201cI have no doubt that AI-driven propagation is a real and growing capability,\u201d he said, but added that while the researchers showed the AI-powered worm could spread to intentionally vulnerable targets in a controlled environment, companies do have defensive controls, monitoring, authentication barriers and operational friction that could dramatically alter outcomes.<\/p>\n

\u201cI view this research as an important warning sign rather than a surprise,\u201d he said. \u201cAI is steadily reducing the expertise required to build autonomous offensive capabilities, and both governments and organizations should take that seriously.\u201d <\/p>\n

Security teams must figure out how to defend in this new era<\/p>\n

For security teams, the answer to how to defend against the dangers of AI-powered worms is investment\u2014specifically in fixing software, said McGraw, pointing to Mythos as a model. \u201cThe thing I love about Mythos is that people spent literally millions of dollars finding and fixing bugs,\u201d he said. \u201cMaybe this will get the people who weren\u2019t involved [in Project Glasswing] to realize, we\u2019ve got to fix our software too.\u201d<\/p>\n

Herbert-Voss, however, argued that this may not fundamentally be just a spending problem. Most organizations already have more vulnerabilities than they can realistically address. \u201cThe challenge is knowing what actually matters for an attacker to gain control,\u201d he explained. \u201cAs attackers become faster and more automated, defenders need to become more precise.\u201d<\/p>\n

In addition, O\u2019Reilly emphasized that defenders still have an edge as worms using local AI models for their reasoning would still have to move large model files around computer networks. That creates unusual traffic and activity that security teams could detect. However, as models improve and get smaller, that advantage will erode, he warned. <\/p>\n

But McGraw insisted that the biggest challenge is that defenders are chronically underfunded. Most security professionals already know what they should be doing\u2014patching software, pen testing, using AI defensively. \u201cThat costs money, and it\u2019s an investment,\u201d he said. \u201cYou can spend too much on security, so how much is enough? Well, the scales recently changed. Time to think about it again.\u201d<\/p>\n

The bottom line, McGraw insisted, may be difficult, but is uncomplicated: \u201cFix your damn software.\u201d<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

A new AI-powered computer worm could prove to be the stuff of cybersecurity nightmares https:\/\/fortune.com\/2026\/06\/03\/a-new-ai-powered-computer-worm-could-prove-to-be-the-stuff-of-cybersecurity-nightmares\/…<\/p>\n","protected":false},"author":1,"featured_media":225392,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/fortune.com\/img-assets\/wp-content\/uploads\/2026\/06\/GettyImages-1346756826-e1780502054264.jpg?resize=1200,600","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,31,17,27],"class_list":["post-225391","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-exploit","tag-llm","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225391"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=225391"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225391\/revisions"}],"predecessor-version":[{"id":225393,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225391\/revisions\/225393"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/225392"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=225391"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=225391"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=225391"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}