What happened
University of Toronto researchers, led by Nicolas Papernot, demonstrated an AI worm built with free, open-weight AI models, capable of adapting its attack strategy to spread across interconnected devices. The worm seizes network control, hijacks computing power, and exploits known vulnerabilities, siphoning processing power from infected machines to fuel its propagation. This prototype, developed in a secure lab, operates outside AI systems to target underlying software, making any online device a potential target, from laptops to HVAC systems, and reducing hacker costs to nearly zero after launch.
Why it matters
The cost of launching sophisticated cyberattacks drops to near zero for threat actors, shifting the economic model of large-scale network compromise. Security architects must now assume agentic malware can dynamically adapt to defences, requiring a re-evaluation of perimeter and internal network segmentation strategies. This development, following Anthropic Mythos demonstrating hacking prowess, expands the threat surface beyond AI applications to all internet-connected devices, increasing risk for operational technology and critical infrastructure.
