neowin[.]net/news/cpu-z-and-hwmonitor-downloads-tampered-with-by-hackers-in-new-supply-chain-style-attack/
The bottom line:
If you or someone you know downloaded these tools recently (April 9 and April 10), you must assume your system is compromised. Security analysts recommend you reinstall Windows entirely and immediately log out of all active web sessions to invalidate any stolen browser tokens and change every single one of your passwords.
Hackers managed to redirect requests to download those apps to their own poisoned files.