Threat actors are exploiting OpenAI’s popular Sora video generation model to distribute harmful software. The hackers are using social engineering, disguising their malware as a legitimate file called “SoraAI.lnk”. Reported first in Vietnam in May 2025, it’s been detected in various countries. The malware attempts to steal sensitive info such as browser cookies, passwords, gaming platform data, and cryptocurrency wallet details. Collected data is sent via Telegram, while larger files are uploaded to GoFile.io.
CISA Warns of Critical VMware vCenter RCE Vulnerability Now Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom’s VMware vCenter Server to its Known Exploited Vulnerabilities (KEV) catalog. This
