Supply Chain Breach: How AI EDR Thwarted a Major Watering Hole Attack on CPU-Z

Breaking: Official CPUID Website Hijacked to Deliver Malware

On April 9, 2026, cybercriminals compromised the official CPUID domain at the API level, silently redirecting legitimate download requests to malicious servers. For 19 hours, users who downloaded CPU-Z, HWMonitor, and other tools via the site's own buttons received a properly signed binary bundled with a hidden malicious payload. SentinelOne's AI-driven endpoint detection and response (EDR) autonomously blocked the attack within seconds, preventing widespread infection.

“The trust chain broke above the users. They followed every instruction, yet still downloaded malware,” said a SentinelOne threat researcher. The attack is part of a systemic shift toward software supply chain compromise, where trusted developer identities and distribution infrastructure become the attack vector.

Anomaly Detected: CPU-Z Binaries Behaving Strangely

SentinelOne's behavioral detection flagged cpuz_x64.exe immediately upon execution. The binary itself was genuine and digitally signed. The anomaly lay in the process chain: the legitimate executable spawned PowerShell, which then launched csc.exe and cvtres.exe. CPU-Z never does this. Five specific behavioral indicators converged to trigger the alert: “Penetration framework or shellcode was detected.”

• Anomalous API resolution – The process located system functions via non-standard discovery methods, bypassing the OS loader.
• Reflective code loading – Executable code ran in memory regions with no corresponding disk file.
• Suspicious memory allocation – Read-Write-Execute (RWX) permissions requested, a classic staging pattern.
• Process injection patterns – Execution flow redirected into a secondary process to mask origin.
• Heuristic shellcode signatures – Sequential operations typical of automated exploitation toolkits.

The agent autonomously terminated and quarantined the processes before the attack could advance. A malicious CRYPTBASE.dll was later found in the system, placed there by the initial payload.

Background: A Growing Wave of Supply Chain Attacks

SentinelOne's Annual Threat Report identifies this exact pattern as a systemic shift. “This extends deeply into the software supply chain, where the identity of a trusted developer becomes the vector of attack,” the report states. In late 2025, the GhostAction campaign saw a compromised GitHub maintainer push malicious workflows to steal secrets. A concurrent phishing attack against an NPM maintainer deployed code that intercepted cryptocurrency transactions. Both attacks appeared legitimate because they originated from verified accounts with valid write access. The CPUID incident extends this pattern to software distribution itself: the supplier's own download infrastructure became the delivery channel.

What This Means: Trust Is No Longer Enough

For IT professionals and end users, this attack underscores that verifying a download's signature or source is insufficient. Attackers now compromise the entire distribution chain, from developer accounts to official websites. “The next attack will work the same way,” warned the researcher. Organizations must rely on runtime behavioral detection rather than static checks. SentinelOne's autonomous response demonstrates that AI can stop such attacks in seconds – before a single user is compromised. The lesson is clear: security must observe what software does, not just who signed it.