Researchers at the University of Toronto have successfully developed a self-spreading computer worm using a free, publicly available large language model (LLM) released in 2025. This worm was able to propagate through an enterprise test network by adapting to identify known vulnerabilities on the fly. The use of open-source models in this manner highlights the potential for attackers to cause significant disruption without relying on advanced AI models like Mythos or zero-day exploits. In fact, the ability to leverage these free models can significantly lower the barrier to entry for malicious actors1. The implications of this research are significant, as it demonstrates that attackers can achieve substantial impact without requiring extensive resources or sophisticated tools. This capability poses a considerable threat to network security, so practitioners must assess their exposure to such threats and take immediate action to mitigate potential risks.
Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine
⚠️ Critical Alert
Why This Matters
Zero-day activity targeting OpenAI means patching windows are already closing — assess your exposure immediately.
References
- The Register. (2026, June 4). Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine. The Register. https://www.theregister.com/research/2026/06/04/free-ai-model-powers-self-spreading-worm-in-enterprise-test-network/5250918
Original Source
The Register
Read original →