CPUID supply-chain trojanizes CPU-Z/HWMonitor with STX RAT [developing]
Key Questions
What popular tools were compromised in the CPUID supply-chain attack?
CPUID's CPU-Z and HWMonitor tools were trojanized with the STX RAT, distributing malware via a supply-chain compromise. This affects broad enterprise exposure, mimicking vectors seen in Lockheed/ChipSoft/Vercel OAuth attacks.
What is the STX RAT and its risks?
STX RAT is a remote access trojan distributed through compromised sysadmin tools like CPU-Z and HWMonitor. Enterprises face urgent risks, with hash/IOCs available for incident response hunts and ongoing exploit warnings.
How does this attack relate to the Vercel breach?
The CPUID compromise mimics OAuth supply-chain vectors from the Vercel breach, where a third-party AI tool access led to data exposure. It highlights hidden risks in trusted third-party apps and platform environment variables.
Popular sysadmin tools compromised distributing STX RAT; broad enterprise exposure mimicking Lockheed/ChipSoft/Vercel OAuth vectors; urgent hash/IOCs for IR hunts; ongoing exploit warnings.