← Back to brief
Policy SafetyOfficialPreprintarXiv Cryptography and Security

AgentWorm: Self-Replicating Worm Attacks in LLM Agent Ecosystems

Jul 17, 2026

Researchers introduce AgentWorm, the first self-replicating worm attack demonstrated against a production-scale LLM agent framework. The attack achieves a fully autonomous infection cycle initiated by a single message, with a 63% aggregate success rate across five LLM backends, three infection vectors, and three payload types, and demonstrates sustained multi-hop propagation. Evaluation of defenses at three layers shows that critical controls needed to break the infection loop are not enabled in any observed deployments, and the vulnerability is inherent to the autonomous agent design pattern rather than a single implementation.

Why it matters: This work exposes a fundamental security vulnerability in autonomous LLM agent ecosystems, highlighting the risk of large-scale self-propagating attacks and the lack of effective defenses in current deployments.

Full story at: arXiv Cryptography and Security

More coverage