The Register Article
CPUID site hijacked to serve malware instead of HWMonitor downloads
https://www.theregister.com/2026/04/10/cpuid_site_hijacked/
Summary of key points from the article.
The CPUID website backend was attacked, exposing visitors to malware for several hours.
Users trying to download popular utilities like HWMonitor and CPU-Z were affected, and cases of antivirus programs triggering alerts or displaying unusual file names began being shared on Reddit and elsewhere. In one widely circulated case, the HWMonitor 1.63 update link was connected to a file named "HWiNFO_Monitor_Setup.exe," which was not the file users intended to download and signaled that something had been tampered with.
CPUID subsequently confirmed the security incident and clarified that it was due to backend hacking rather than tampering with the software itself.
In a post on X, CPUID stated: "While the investigation is still ongoing, it appears that between April 9 and 10, an auxiliary function (essentially a side API) was compromised for approximately 6 hours, exposing malicious links randomly on the main website (the signed original files were not corrupted)," and "We completed remediation measures immediately upon discovering the breach."
There has been no public disclosure regarding how the API was accessed or how many people actually received the malicious downloads. This incident once again reminds us that attackers can cause significant damage without even touching the code itself.
https://x.com/d0cTB/status/2042520961824559150