Overview
- The team published a preprint on June 9 that describes a proof-of-concept worm tested in an isolated 33-host virtual network that included Windows, Linux, and IoT systems.
- In 15 controlled runs, the worm identified about 31 vulnerabilities on average, compromised roughly 23 hosts, and spread to about 20 machines over seven days with up to seven generations of self-replication.
- Unlike prior AI malware that called cloud APIs, the prototype used open-weight models to perform on-device inference, so the infected machines themselves carried out the planning and exploitation work.
- The system could read newly published security advisories at runtime and use that fresh information to craft exploits that were not in its original training data.
- The authors withheld some implementation details because of dual-use risk and urged researchers, defenders, industry, and policymakers to take coordinated steps to build agent-focused detection, testing frameworks, and updated patching strategies.