Researchers Create AI-Powered Worm That Learns While Spreading

Researchers have developed a computer worm powered by artificial intelligence that can learn and adapt as it spreads between devices, demonstrating that AI-driven cyber threats have moved from theoretical possibility to practical reality.

The prototype malware, created in an isolated virtual environment, represents a significant escalation in cybersecurity risk because it doesn't rely on exploiting a single system vulnerability. Instead, the AI-powered worm can autonomously discover and attack weaknesses as it propagates.

"Our results demonstrate that self-sustaining AI-driven cyber-threats are no longer theoretical," the researchers wrote in their study, which was posted on the preprint server arXiv.org and has not yet been peer-reviewed.

Built with publicly available AI

Unlike previous concerns about proprietary AI models from companies like OpenAI or Anthropic being weaponized, this worm was constructed using an undisclosed but freely available AI model "that anyone can download off the internet," according to the researchers' lab website.

This accessibility makes the threat more immediate. The technology required to build adaptive malware is not locked behind corporate safeguards or expensive infrastructure—it's available to anyone with sufficient technical knowledge.

David Lie, a professor at the University of Toronto who reviewed the research but wasn't directly involved, characterized the work as a "wake-up call" for the cybersecurity community. The demonstration shows "there's a motivation to do this sooner rather than later" in developing countermeasures.

Learning capability changes the game

Traditional computer worms follow predetermined instructions from their creators, limiting their ability to adapt to new environments or defenses. AI-powered worms operate differently.

"Because this is AI powered, it can learn," Lie explained. This learning capability allows the malware to identify and exploit hidden vulnerabilities that its original designer may not have anticipated.

The implications extend across critical infrastructure. The researchers noted that modern society depends on networked computers for drinking water systems, waste management, food distribution, energy grids, financial systems, communications, healthcare, education, and transportation. An adaptive, self-learning worm could potentially compromise any of these systems.

Why it matters

This research confirms that AI-enhanced malware is no longer a distant threat but a present capability that can be built with freely available tools. Organizations relying on traditional cybersecurity defenses designed for static threats may find themselves vulnerable to adaptive attacks that learn and evolve in real time. The findings underscore an urgent need for AI-powered defensive systems that can match the sophistication of AI-driven threats.

A dual-use technology

Lie noted that the same AI capabilities enabling malware to learn and adapt can also strengthen defenses. "They're mirrors of each other," he said. AI systems can help identify and patch vulnerabilities before malicious actors exploit them.

The researchers emphasized that their prototype was created in a controlled environment and poses no immediate threat to actual systems. However, they warned that "the world is not prepared to face" this new category of cybersecurity threat.

These details were first reported by the New York Times and published in Scientific American.