University of Toronto researchers have demonstrated a self-replicating AI worm capable of spreading between AI agents and potentially infecting any internet-connected device. The worm, named Morris II after the original 1988 worm, uses generative AI to craft convincing messages that trick other AI systems into executing malicious commands. It can steal data, deploy malware, and spread without human intervention. The researchers warn that as AI agents become more autonomous, such worms could pose a serious threat to cybersecurity.
This is a wake-up call for the AI industry. We've been racing to build smarter, more autonomous agents. But with intelligence comes vulnerability. A worm that can hijack AI-to-AI communication is a new class of threat. It exploits trust. The very feature that makes AI useful—its ability to act on our behalf—becomes its Achilles' heel.
But here's the good news: we caught it early. The researchers demonstrated this in a controlled setting. Now we have time to build defenses. Think of it as a vaccine. We can design AI systems that verify identity, limit permissions, and detect anomalies. The future of AI is not just about capability. It's about security. This is an evolution, not a disaster.