DAEMON Tools vs daemontools
“Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack” <https://arstechnica.com/security/2026/05/widely-used-daemon-tools-disk-app-backdoored-in-monthlong-supply-chain-attack/>:

    Kaspersky, the security firm reporting the supply-chain attack, said it began on April 8 and remained active as of the time its post went live. Installers that are signed by the developer’s official digital certificate and downloaded from its website infect Daemon Tools executables, causing the malware to run at boot time. Kaspersky didn’t explicitly say so, but based on technical details, the infected versions appear to be only those that run on Windows. Versions 12.5.0.2421 through 12.5.0.2434 are affected. Neither Kaspersky nor developer AVB could be contacted immediately for additional details.

Checking my Debian repo, I find a set of related packages named “daemontools”. But it seems clear to me this “daemontools” has nothing to do with the “DAEMON Tools” product that is the subject of this security alert. To start with, the version numbers are quite different. Also, the latter is Windows-only <https://www.daemon-tools.cc/support/faq#system_requirements>, while the former makes it quite clear <https://cr.yp.to/daemontools.html> that it is “for managing UNIX services”.
Lawrence D'Oliveiro