On April 9 and 10, 2026, the official download servers for CPU-Z and HWMonitor—software crafted by the renowned hardware monitoring tool developer CPUID—fell victim to a cyberattack. The assailants infiltrated the external APIs of the official websites, manipulating the legitimate download links for HWMonitor version 1.63 and CPU-Z version 2.19. Consequently, users were steered towards malevolent routes on Cloudflare R2 cloud storage, causing the downloaded installation packages to be laced with a malevolent CRYPTBASE.dll file. This file, functioning as a Trojan horse, was capable of pilfering sensitive data such as account passwords, cookies, and browsing history stored in the user's browser upon execution. Doc TB, the leader of CPUID, took to social media to announce that while the investigation is still underway, the problem has been pinpointed and rectified, with the original signed files remaining untouched. Security experts recommend that users who downloaded the aforementioned software versions during the affected period should promptly perform a comprehensive system virus scan and update all critical account passwords to minimize security threats.