Mr. Titus Tech is correct. cpuid-dot-com is indeed delivering malware right now.
As I began poking this with I stick I discovered this is not your typical run-of-the-mill malware. This malware is deeply trojanized, distributes from a compromised domain (cpuid-dot-com), performs file masquerading, is multi-staged, operates (almost) entirely in-memory, and uses some interesting methods to evade EDRs and/or AVs such as proxying NTDLL functionality from a .NET assembly.
The C2 domain present in one of the binaries is a clear IoC. This is the same Threat Group who was masquerading FileZilla in early March, 2026. They've been busy.
FFmpeg is moving to Rust 🦀
Our use of C and Assembly in FFmpeg has been an unacceptable violation of safety.
FFmpeg will be running 10x slower - but we're doing it for your safety.
All your videos will appear green - safety first, working software later.
@LowLevelTweets I just recently set up a new server on a TLD, only a 404 page. I'm getting hits for WordPress plugins and random PHP files, but the IP addresses it's coming from are Microsoft and Cloudflare? 😕