All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

CPUID Website Breach Redirected Software Downloads to Malware

By

pashadee

1mo ago· 3 min readenNews
Bagel score 80 of 100
80/100
Golden Brown
Bagelometer

Hot, fresh, and worth queueing round the block for.

Score80TypenewsSentimentnegative

Summary

The CPUID website was compromised in a six-hour breach where attackers hijacked backend systems to replace legitimate software downloads (like HWMonitor and CPU-Z) with malware. Users reported antivirus alerts and suspicious file names, with the malware including credential stealers and other malicious software. The incident highlights security risks even on trusted software distribution sites.

Key quotes

· 4 pulled
Visitors to the CPUID website were briefly exposed to malware this week after attackers hijacked part of its backend, turning trusted download links into a delivery mechanism for something far less welcome.
The issue hit tools like HWMonitor and CPU-Z, with users on Reddit and elsewhere starting to notice something wasn't right when installers tripped antivirus alerts or showed up under odd names.
One example that did the rounds had the HWMonitor 1.63 update pointing to a file called 'HWiNFO_Monitor_Setup.exe,' which is not what anyone went there to download, and a pretty clear sign that something was wrong.
Six-hour breach turned trusted links into a coin toss between legit tools and credential stealers
Snippet from the RSS feed
: Six-hour breach turned trusted links into a coin toss between legit tools and credential stealers

You might also wanna read

Microsoft warns of crypto mining malware disguised as fake downloads of popular PC utilities

Microsoft's Windows Defender team has uncovered a cryptocurrency mining campaign targeting PC enthusiasts. Scammers are manipulating search

techspot.com·1d ago

Microsoft uncovers cryptojacking campaign using SEO poisoning and AI chatbots to target high-GPU users via fake utility downloads

Microsoft Defender Experts identified an active cryptojacking campaign that uses SEO poisoning and AI chatbot manipulation to distribute mal

microsoft.com·5d ago

Fake ChatGPT and Claude installers on GitHub and SourceForge deliver Deno RAT malware that steals crypto wallets

Attackers are distributing counterfeit installers for popular software like ChatGPT, Claude, AutoTune, Kontakt, Ableton Live, and ZENOLOGY o

helpnetsecurity.com·5d ago