
150+ Victims Hit in CPUID Breach [STX RAT Trojan]

Imagine downloading your trusty CPU-Z to check your rig's specs—only to hand attackers your entire desktop. That's what hit over 150 users when CPUID's site got pwned, serving STX RAT malware in trojanized installers.

Malicious CPU-Z download warning on compromised CPUID website with STX RAT alert

⚡ Key Takeaways

  • CPUID.com breached for 24 hours, trojanizing CPU-Z/HWMonitor with STX RAT via DLL side-loading.
  • 150+ victims, mainly Brazil/Russia/China; orgs in retail/manufacturing hit too.
  • Attackers' big mistake: reusing C2 from prior FileZilla campaign, exposing low opsec.
  • Unique insight: Signals rise of AI-fueled amateur malware mimicking legit tools.
Written by Maya Thompson

Threat intelligence reporter. Tracks CVEs, ransomware groups, and major breach investigations.


Originally reported by The Hacker News
