Kaspersky researchers have uncovered a supply chain attack against DAEMON Tools, in which malicious payloads were embedded in legitimate installers distributed directly from the software's official website and signed with authentic developer certificates — making the compromise difficult for most users to detect.