Cybersecurity researchers have uncovered malicious Blender model files that deliver the StealC infostealing malware. This incident highlights the abuse of another open source platform for malicious purposes.
According to a report from TechRadar, published on November 27, 2025, threat actors are exploiting Blender, a popular open source 3D creation software, to distribute malware. The malicious files specifically target users by embedding the StealC infostealer, which is designed to harvest sensitive information such as credentials and personal data.
Blender, widely used by artists and developers for modeling and animation, has now joined the list of open source platforms vulnerable to such attacks. The article describes this as 'another open source platform being abused for malware,' emphasizing the growing trend of leveraging legitimate software ecosystems for cyber threats.
No specific details on the distribution method or affected versions were provided in the initial coverage, but the discovery underscores the need for users to verify file sources carefully. Security experts recommend scanning downloads and using updated antivirus software to mitigate risks from infostealers like StealC.