AI Worm Autonomously Generates Exploits at Runtime
University of Toronto researchers demonstrated a proof-of-concept AI worm that leverages a locally hosted open-weight LLM to autonomously reason through network targets, generate novel exploit chains at runtime, and self-replicate — achieving 62% network penetration across a 33-host testbed with no human intervention. Unlike traditional worms with fixed payloads, this system bypasses conventional patch-based defences by dynamically adapting attack logic to whatever vulnerabilities it discovers. The use of offline open-weight models eliminates dependency on commercial AI APIs, making it resilient to rate-limiting or platform-level safety controls.