:

DAEMON TOOLS BREACHED, MALWARE-FREE VERSION RELEASED

SECURITY DESK2 MIN READ
WED, MAY 6, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Disc Soft Limited confirmed that DAEMON Tools Lite was compromised in a supply chain attack and has released a clean version of the software.

Disc Soft Limited, the developer of DAEMON Tools Lite, has acknowledged a breach that resulted in the distribution of trojanized versions of its popular disc emulation software. The company confirmed that attackers injected malware into the software during a supply chain compromise. Users who downloaded affected versions may have received malicious code alongside the legitimate application. Response and Recovery In response to the incident, Disc Soft Limited released a new malware-free version of DAEMON Tools Lite. The company has not disclosed specific details about the timing of the breach, how many users were affected, or the exact nature of the injected malware. What Users Should Do Users of DAEMON Tools Lite should update to the latest version immediately. Those running older versions should verify their installation status and consider reinstalling from the official sources. Supply Chain Attacks This incident joins a growing list of supply chain attacks targeting software vendors. By compromising legitimate applications, attackers gain access to large numbers of users while evading initial detection. Similar attacks have affected major software publishers in recent years, highlighting the vulnerability of the software distribution chain. Context DAEMON Tools Lite is widely used for creating virtual disc drives and mounting disc image files. Its popularity makes it an attractive target for attackers seeking broad distribution of malware. Disc Soft Limited has not released a detailed technical analysis of the breach or remediation steps taken to prevent future incidents. Users should monitor the company's official channels for additional guidance and security updates.

■ SOURCES

Bleeping Computer

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

4H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

4H AGOSecurity Desk

Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.

7H AGOAI Desk

A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.

9H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.