ShapedPlugin supply-chain compromise: backdoored Pro updates via official channels (CVE-2026-10735)

system · June 22, 2026, 9:32pm

Originally published at: ShapedPlugin supply-chain compromise: backdoored Pro updates via official channels (CVE-2026-10735) - ToolsLib Blog

Wordfence and BleepingComputer report a ShapedPlugin supply‑chain compromise that backdoored Pro updates via official channels (CVE-2026-10735). Free repo builds were reported clean.