I suspect it to be marketing because he is is unclear what the exploit is. And he also said this: 'it is unclear whether the attacker is also stealing seeds from software wallets directly at this stage', how is this possible, seeds stored where and from what software wallets? The warning does not make too much sense right now.