CPUID Website Breach Distributes STX RAT via Trojanized Software

Unknown threat actors compromised the CPUID website (cpuid[.]com), which hosts hardware monitoring tools including CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to distribute trojanized versions of these executables. The breach occurred between approximately April 9, 15:00 UTC, and April 10, 10:00 UTC, during which malicious downloads deployed the STX remote access trojan (RAT). No specific attack vector or attribution was disclosed, nor were CVE IDs referenced. The incident involved the unauthorized distribution of malware through legitimate software downloads, posing a risk of remote system compromise. The affected tools are widely used for hardware performance monitoring, increasing the potential impact.