CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
EXECUTIVE SUMMARY
CPUID Breach: STX RAT Deployed via Trojanized Software Downloads
Summary
The CPUID website was compromised by unknown threat actors to distribute a remote access trojan (RAT) called STX RAT through trojanized downloads of popular hardware monitoring tools. The breach lasted less than 24 hours, from April 9 to April 10, 2026.
Key Points
- CPUID's website, "cpuid[.]com", was compromised to serve malicious executables.
- The affected software includes CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor.
- The breach occurred from approximately April 9, 15:00 UTC, to April 10, 10:00 UTC.
- The attack involved the deployment of the STX RAT, a remote access trojan.
Analysis
This breach highlights the vulnerability of software distribution platforms to cyberattacks, particularly platforms that distribute popular tools used by IT professionals. The short duration of the attack suggests a targeted operation that aimed to infect users quickly before detection. The use of a RAT indicates a significant threat, as a RAT can give attackers extensive control over compromised systems.
Conclusion
IT professionals should verify the integrity of software downloaded from CPUID and consider implementing additional security measures, such as monitoring network traffic for unusual activity. Regularly updating security protocols and educating users on the risks of downloading software from compromised sources are crucial.
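One way to start the integrity check recommended above, as an added example that is not from CPUID or the original report: it finds files whose names suggest the affected tools, hashes them, and flags any written during the exposure window stated on this page. The filename fragments, file extensions and default folder are assumptions, and modification time is only a proxy for download time.

```python
import hashlib
import sys
from datetime import datetime, timezone
from pathlib import Path

# Approximate exposure window given on this page (UTC).
WINDOW_START = datetime(2026, 4, 9, 15, 0, tzinfo=timezone.utc)
WINDOW_END = datetime(2026, 4, 10, 10, 0, tzinfo=timezone.utc)

# Assumed name fragments for CPU-Z, HWMonitor, HWMonitor Pro and PerfMonitor;
# adjust to the installer and archive names seen in your environment.
NAME_HINTS = ("cpu-z", "cpuz", "hwmonitor", "perfmonitor")
EXTENSIONS = {".exe", ".msi", ".zip"}  # assumed download formats


def sha256_of(path, chunk_size=1 << 20):
    """Hash a file in chunks so large installers are not read into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def triage(root):
    """Return (path, mtime_utc, sha256, in_window) for candidate downloads."""
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.suffix.lower() not in EXTENSIONS:
            continue
        if not any(hint in path.name.lower() for hint in NAME_HINTS):
            continue
        mtime = datetime.fromtimestamp(path.stat().st_mtime, tz=timezone.utc)
        in_window = WINDOW_START <= mtime <= WINDOW_END
        findings.append((str(path), mtime, sha256_of(path), in_window))
    # Files written during the exposure window sort first.
    return sorted(findings, key=lambda f: (not f[3], f[0]))


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else Path.home() / "Downloads"
    for path, mtime, digest, in_window in triage(root):
        flag = "IN-WINDOW" if in_window else "outside"
        print(f"{flag}\t{mtime:%Y-%m-%d %H:%M}Z\t{digest}\t{path}")
```

Compare each reported SHA-256 against a known-good copy of the same release or your threat-intelligence source; a file flagged IN-WINDOW is a candidate for review, not a confirmed infection.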