Date: 2026-04-10
Analyst: nemesis
Classification: Trojan / Backdoor (Alien RAT variant)
Severity: CRITICAL
Campaign ID: CityOfSin (extracted from C2 callback UTM parameters)
Scope: CPUID official domain compromise affecting CPU-Z, HWMonitor, HWMonitor Pro, PerfMonitor 2, powerMAX + separately FileZilla
Status: Breach confirmed and fixed by CPUID; site was compromised ~6 hours on April 9-10, 2026
CPUID Statement: "A secondary feature (a side API) was compromised for approximately six hours [...] causing the main website to randomly display malicious links. Our signed original files were not compromised."
Philippe Villiers kissifrot
N3mes1s
/ ANALYSIS.md
Last active
April 21, 2026 08:36
CPU-Z 2.19 Supply Chain Attack Analysis (April 2026) - Trojanized DLL Sideloading with Zig-compiled CRYPTBASE.dll, IPv6-encoded .NET deserialization, MSBuild persistence
GavinJoyce
/ gist:4f81d0bf879dad6b203e
Last active
November 20, 2020 04:01
speeding up `npm install` by disabling the progress bar
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| with `react-native`: | |
| npm set progress=false && rm -rf ~/.npm && rm -rf node_modules && npm cache clean && time npm install | |
| npm install 83.72s user 26.03s system 100% cpu 1:49.32 total | |
| npm set progress=true && rm -rf ~/.npm && rm -rf node_modules && npm cache clean && time npm install | |
| npm install 199.30s user 27.32s system 91% cpu 4:08.29 total | |
| -- |