CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

Unknown threat actors compromised CPUID (cpuid[.]com), a legitimate hardware monitoring software vendor, for less than 24 hours (April 9-10) to distribute trojanized versions of popular tools including CPU-Z and HWMonitor. The malicious downloads deployed STX RAT, a remote access trojan capable of data theft and system control. While the window was brief, any users who downloaded software during this period are at risk and should immediately scan systems, change credentials, and consider reinstalling affected applications. This incident underscores the growing risk of supply chain attacks targeting trusted software distribution channels.

Unknown threat actors compromised CPUID ("cpuid[.]com"), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident lasted from approximately April 9, 15:00 UTC, to about April 10, 10:00 UTC, with

Unknown threat actors compromised CPUID (cpuid[.]com), a legitimate hardware monitoring software vendor, for less than 24 hours (April 9-10) to distribute trojanized versions of popular tools including CPU-Z and HWMonitor. The malicious downloads deployed STX RAT, a remote access trojan capable of data theft and system control. While the window was brief, any users who downloaded software during this period are at risk and should immediately scan systems, change credentials, and consider reinstalling affected applications. This incident underscores the growing risk of supply chain attacks targeting trusted software distribution channels. Unknown threat actors compromised CPUID ("cpuid[.]com"), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident lasted from approximately April 9, 15:00 UTC, to about April 10, 10:00 UTC, with Unknown threat actors compromised CPUID ("cpuid[.]com"), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident lasted from approximately April 9, 15:00 UTC, to about April 10, 10:00 UTC, with