AI Agents Enable Adaptive Computer Worms
Pith reviewed 2026-06-28 09:16 UTC · model grok-4.3
The pith
AI agents enable computer worms that generate tailored attacks for each target
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
Artificial intelligence agents enable a fundamentally new threat in the form of a worm that generates tailored attack strategies to each target it encounters by parasitically running open-weight large language models on compromised machines to sustain reasoning and extend its reach.
What carries the argument
The AI agent that runs open-weight LLMs on infected machines to observe targets and synthesize attack logic in real time.
If this is right
- Spreads across diverse systems like Linux, Windows, and IoT by exploiting common vulnerabilities.
- Attacker's marginal cost per infection drops to zero.
- Centralized safety mechanisms on AI platforms have no effect.
- Self-sustaining AI-driven cyber threats are now possible without human operators.
Where Pith is reading between the lines
- Defenders could develop detection methods focused on identifying LLM inference processes on network machines.
- The concept might extend to other malware types like ransomware that adapt encryption or evasion tactics dynamically.
- Testing in controlled environments could reveal how well current open-weight models perform in generating exploits.
- This could prompt research into hardware-level restrictions on running large models on certain devices.
Load-bearing premise
Open-weight large language models running on compromised machines can observe target environments and generate successful tailored attack strategies in real time without human intervention.
What would settle it
A demonstration that the described worm fails to produce any effective tailored attacks on a real network of mixed devices or requires constant human guidance to function.
Original abstract
A computer worm is malware that spreads on a network by replicating itself from one machine to another. Traditional worms, like WannaCry, exploited predetermined vulnerabilities, and their spread can be halted by patching those vulnerabilities. Here we show that artificial intelligence (AI) agents enable a fundamentally new threat: a worm that generates tailored attack strategies to each target it encounters. The worm parasitically uses compromised machines to run open-weight large language models (LLMs) to sustain its reasoning, or extend its reach for further attacks. Deployed on a network of machines spanning Linux, Windows, and IoT (Internet of Things) devices, the worm propagated by exploiting common, real-world corporate network vulnerabilities. Since the worm is powered by stolen compute, the attacker's marginal cost per new infection is zero. This creates a destabilizing economic asymmetry between attackers and defenders. Moreover, because the worm requires no commercial AI platform, centralized safety controls, such as service refusals or rate limiting, are structurally irrelevant. Our results demonstrate that self-sustaining AI-driven cyber-threats are no longer theoretical. We must prepare for autonomous generative adversaries: malware systems that propagate without human operators and are defined not by fixed exploit code, but by the capacity to reason about targets, adapt to observations, and synthesize attack logic in real time.
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The paper claims that AI agents enable a fundamentally new class of computer worm: one that uses open-weight LLMs running parasitically on compromised machines (Linux, Windows, IoT) to observe target environments in real time, reason about them, and autonomously synthesize tailored attack strategies for propagation, achieving zero marginal cost and rendering centralized safety controls irrelevant. It asserts that such a worm was deployed and successfully propagated across a corporate network by exploiting common vulnerabilities.
Significance. If the central empirical claims were substantiated with reproducible evidence, the result would be significant for computer security: it would establish the practical feasibility of self-sustaining, adaptive generative malware that shifts the attacker-defender economic balance and bypasses both patching-based defenses and commercial LLM guardrails.
major comments (2)
- [Abstract] Abstract: the assertion that the worm 'generates tailored attack strategies to each target it encounters' and 'sustain its reasoning' via LLMs running on compromised hardware is presented as demonstrated fact, yet the text supplies no implementation details, experimental setup, observation-to-exploit pipeline, success metrics, or validation data. This directly undermines the load-bearing claim that the LLM component performed autonomous tailoring rather than relying on pre-coded logic or external intervention.
- [Abstract] Abstract: the statement that the worm 'propagated by exploiting common, real-world corporate network vulnerabilities' and operated with 'stolen compute' is asserted without any description of the network topology, specific vulnerabilities used, LLM inference hardware constraints on typical compromised machines, or evidence that real-time environment observation and strategy synthesis occurred without human oversight. These omissions prevent evaluation of the 'self-sustaining' and 'autonomous generative adversary' properties.
Simulated Author's Rebuttal
We thank the referee for their review and for identifying areas where the presentation of our empirical claims requires additional substantiation. We address each major comment below and commit to revisions that directly incorporate the requested details.
Point-by-point responses
- Referee: [Abstract] Abstract: the assertion that the worm 'generates tailored attack strategies to each target it encounters' and 'sustain its reasoning' via LLMs running on compromised hardware is presented as demonstrated fact, yet the text supplies no implementation details, experimental setup, observation-to-exploit pipeline, success metrics, or validation data. This directly undermines the load-bearing claim that the LLM component performed autonomous tailoring rather than relying on pre-coded logic or external intervention.
  Authors: We agree that the abstract presents the core claims at a high level and that the submitted manuscript text does not supply the implementation details, experimental setup, observation-to-exploit pipeline, success metrics, or validation data. This omission weakens the ability to evaluate the autonomous tailoring claim. We will revise the manuscript to add a dedicated Methods section that describes the AI agent architecture, the real-time environment observation mechanism, the LLM-based strategy synthesis pipeline (including how prompts are constructed from observations), the distinction from pre-coded logic, and quantitative success metrics from the deployment. The abstract will be updated to reference these additions.
  Revision: yes
- Referee: [Abstract] Abstract: the statement that the worm 'propagated by exploiting common, real-world corporate network vulnerabilities' and operated with 'stolen compute' is asserted without any description of the network topology, specific vulnerabilities used, LLM inference hardware constraints on typical compromised machines, or evidence that real-time environment observation and strategy synthesis occurred without human oversight. These omissions prevent evaluation of the 'self-sustaining' and 'autonomous generative adversary' properties.
  Authors: We agree that the current text does not describe the network topology, specific vulnerabilities exploited, LLM inference hardware constraints on the compromised machines, or provide evidence of operation without human oversight. These details are necessary to assess the self-sustaining and autonomous properties. In revision we will add a Results subsection that specifies the corporate network configuration, the common vulnerabilities used for propagation, the hardware profiles of the Linux/Windows/IoT devices and their suitability for local LLM inference, and evidence (such as execution logs or metrics) demonstrating autonomous observation-to-attack cycles without external intervention. The abstract will be revised accordingly.
  Revision: yes
Circularity Check
No derivation chain or fitted predictions present
The paper is a conceptual and experimental security demonstration. Its abstract and description contain no equations, no parameter fittings, no predictions derived from models, and no self-citations invoked as load-bearing uniqueness theorems. The central claim rests on a described deployment rather than any reduction of outputs to inputs by construction. This is the expected non-finding for a non-mathematical paper.
Forward citations
Cited by 1 Pith paper
- Honeyquest for LLMs: Rethinking Cyber Deception for AI Attackers
LLMs fall for deceptive traps at higher rates than humans, lack the human attention-diversion effect, and exploit traps 73.4% of the time even after recognizing them in reasoning.