Daemon Tools, a widely used application for mounting disk images, has been compromised in a sophisticated supply-chain attack that began on April 8. Researchers from Kaspersky reported that malicious updates were pushed from the developer's official servers, affecting Windows versions 12.5.0.2421 through 12.5.0.2434. The infected software collects sensitive data such as MAC addresses, hostnames, and installed software, which is then sent to an attacker-controlled server. Thousands of machines across more than 100 countries were targeted, with about 12 machines belonging to retail, scientific, government, and manufacturing organizations receiving additional malicious payloads. This incident highlights the challenges of defending against supply-chain attacks, which often exploit trusted update channels. Kaspersky emphasized the need for organizations to scrutinize systems with Daemon Tools installed for unusual cybersecurity activities since the attack started.