It’s a nightmare scenario that’s long haunted the imaginations of cybersecurity experts: computer malware that spreads autonomously from device to device, learning as it goes and exploiting different vulnerabilities along the way. Now, researchers have demonstrated that such a “worm” can in fact be built today, with publicly available AI models, and at a disconcertingly low cost.

A preprint paper published Tuesday by a team from the University of Toronto, the University of Cambridge, and elsewhere outlines “a fundamentally new threat: a worm that generates tailored attack strategies to each target it encounters,” according to the researchers.

The paper describes how the team deployed an AI agent to act as a worm in a controlled, isolated network composed of Linux, Windows, and IoT devices and “with common corporate network vulnerabilities,” such as reused passwords. The agent was powered by an unnamed open-source LLM.

Why this worm is so dangerous

Unlike a traditional computer virus, which needs a human to be duped into, say, opening a file infected with malware, worms can infect devices entirely on their own by exploiting security vulnerabilities and replicating themselves along the way. They spread via a shared digital connection, such as a Wi-Fi network, to find other vulnerable devices they can infect.

And they precede the LLM boom: back in 2017, the aptly titled WannaCry worm, allegedly built by government-backed North Korean hackers, spread to hundreds of thousands of devices across more than 150 countries. The malware held the infected devices hostage until their owners paid a Bitcoin ransom.