Cybersecurity researchers have disclosed details of a new campaign that has leveraged Blender Foundation files to deliver an information stealer known as StealC V2 .

"This ongoing operation, active for at least six months, involves implanting malicious .blend files on platforms like CGTrader," Morphisec researcher Shmuel Uzan said in a report shared with The Hacker News.

"Users unknowingly download these 3D model files, which are designed to execute embedded Python scripts upon opening in Blender -- a free, open-source 3D creation suite."

The cybersecurity company said the activity shares similarities with a prior campaign linked to Russian-speaking threat actors that involved impersonating the Electronic Frontier Foundation (EFF) to target the online gaming community and infect t

See Full Page