Researchers Demonstrate Self-Replicating AI Worm on Local Open-Source Models

In a nutshell: A locally operated AI worm can autonomously move through a network and generate tailored attacks without relying on external cloud services.

Researchers at the University of Toronto have developed and tested a proof-of-concept computer worm that is self-replicating and runs entirely on locally hosted open-weight language models. The worm uses the LLM to reason autonomously through network access, orchestrate its movement through the network, and spread without human intervention. It generates attack methods tailored to each targeted host, all automated and without accessing commercial AI services.

The proof-of-concept requires no connection to commercial AI services such as OpenAI or Anthropic. The use of local, open-weight models reduces external dependencies and complicates traditional detection methods that monitor API calls to cloud providers or distinctive network signatures.

For a CISO, this approach represents a new threat scenario: an attacker with access to a network can use a locally installed LLM as the core of an autonomous worm that orchestrates lateral movement, privilege escalation, and replication on its own. This makes early detection more complex and requires new monitoring strategies that also treat local LLM processes as a security risk.


Source: thehackernews.com · Published June 9, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.6.5.