Key facts: CPUID data breach
- Date reported: April 10, 2026
- Target entity: CPUID
- Source of breach: Unknown, unauthorized third-party
- Data types: Browser credentials
- Status: Confirmed; reported on April 10, 2026
- Severity: Medium; the incident involved the distribution of malware via compromised software installers to steal sensitive browser data.
What happened in the CPUID cybersecurity incident?
CPUID (cpuid.com), the developer of popular system utility tools HWMonitor and CPU-Z, reported a security breach on April 10, 2026. The incident involved unknown attackers who successfully compromised the company's website to distribute infected files to users attempting to download these tools. The breach was identified as a supply chain attack where legitimate-looking installers were replaced with malicious versions.
The incident lasted approximately six hours and involved a compromised installer linked to the domain supp0v3-dot-com. This malicious software was specifically designed to harvest browser credentials from affected systems. While CPUID's original internal files reportedly remained secure, the distribution of malware to the public represents a significant security failure. The investigation remains ongoing as the company works to determine the full extent of the compromise. Such incidents typically result in unauthorized access to user accounts if the malicious payloads are executed.
Who is behind the incident?
The attacker or cause of the incident has not been identified.
Impact and risks for CPUID customers
For users who downloaded HWMonitor or CPU-Z during the six-hour period of the breach, the primary risk is the theft of browser-stored credentials. This could lead to unauthorized access to various online accounts, including personal email, social media, and financial services. Furthermore, systems that executed the malicious installer may remain compromised, potentially allowing for further malware deployment or data exfiltration by the attackers.
Typical outcomes of credential theft include identity fraud and large-scale account takeovers. Affected individuals are advised to immediately change their passwords, implement multi-factor authentication, and perform thorough system scans. Maintaining transparency regarding supply chain vulnerabilities is essential for helping the community mitigate these risks effectively.
How to protect against similar security incidents
Following the CPUID breach and the distribution of malicious software installers, users should take immediate action to secure their devices and sensitive information.
- Rotate compromised credentials. Immediately change passwords for any accounts stored within your web browsers. Prioritize sensitive accounts like email and banking, and ensure new passwords are unique and complex.
- Run comprehensive malware scans. Use reputable antivirus or endpoint detection software to scan your system for any remnants of the malicious CPUID installer. Ensure your security software is updated to the latest definitions to identify the specific malware signatures involved.
- Enable multi-factor authentication. Activate multi-factor authentication (MFA) on all online accounts to provide an extra layer of security against stolen credentials. Use authenticator apps or hardware security keys instead of SMS-based codes where possible.
- Implement continuous attack surface monitoring. Organizations should utilize attack surface management tools to detect if employees have downloaded compromised third-party software. Establish a process for verifying the digital signatures and hashes of all software downloads before installation.
Taking swift action to secure credentials and verify system integrity is the most effective way to recover from a supply chain compromise.
Frequently asked questions
What happened in the CPUID security incident?
On April 10, 2026, CPUID (cpuid.com) disclosed a security breach. According to initial reports, unknown attackers compromised the website for approximately six hours to serve infected installers for HWMonitor and CPU-Z, aiming to steal browser credentials.
When did the CPUID security incident occur?
The CPUID breach was publicly reported on April 10, 2026. The exact date of the attack has not been disclosed, though the period of active malware distribution lasted for about six hours.
What data was exposed?
The types of data involved in the CPUID incident include browser credentials targeted by the malicious installer. This page will be updated as verified information becomes available.
Is my personal information at risk?
If you interacted with CPUID and downloaded software during the breach window, there's a possibility your personal information could be affected. Similar incidents often involve email addresses, login details, or financial records. Stay alert for updates and take precautionary measures to secure your accounts.
What steps should companies take after being breached?
CPUID is expected to secure its download infrastructure, notify affected parties through public advisories, and provide guidance on protective actions. The company should review its security measures and deploy attack surface management to prevent future supply chain compromises.
This cybersecurity news article is powered by UpGuard Breach Risk — continuous attack surface monitoring for your organisation and supply chain.
