Supply-Chain Attack at CPUID Pushes Malware Through CPU-Z and HWMonitor

Hackers compromised an API for the CPUID project and altered download links on the official website to distribute malicious executables disguised as legitimate versions of CPU-Z and HWMonitor tools. The attack represents a supply-chain compromise targeting users downloading these utilities from the trusted CPUID platform. No specific malware family, infection timeline, or CVE identifiers were disclosed in the report. The impacted software includes widely used system monitoring and hardware identification tools, though the exact scope of affected downloads remains unconfirmed. The incident highlights risks associated with third-party software distribution channels. The breach was reported by BleepingComputer without additional technical indicators.