IOC Radar
TLP:WHITE · 1 IOC

Securing the Software Supply Chain: How SentinelOne’s AI EDR Autonomously Blocked the CPU-Z Watering Hole Cyber Attack

SentinelOne Blog
Published April 14, 2026

Diamond Model

Adversary: unknown
Infrastructure (1): supp0v3.com
Capability: unknown
Victim: unknown

Attack Flow (8 steps · MITRE ATT&CK mapped)

Step 1/8: Initial Access (TA0001 · T1190)
Technique: Exploit Public-Facing Application
Action: Compromise download infrastructure
Threat actors compromised the CPUID domain at the API level, redirecting legitimate downloads to attacker-controlled infrastructure.


Indicators of Compromise (1)

Type: Domain
Indicator: supp0v3.com
Tags: indicator, intel-blog, network
Confidence: High
Score: 58
First Seen: Jun 2, 26
