https://www.theregister.co.uk/2019/10/21/avast_ccleaner_intrusion/

On Monday, security biz Avast said it believes some of its credentials were stolen and abused in an unsuccessful attempt to subvert CCleaner, a file cleanup utility that it acquired in 2017.

Jaya Baloo, CISO at Avast Software, said in a blog post that the security shop spotted suspicious behavior on its network last month and began working with outside security groups, including the Czech intelligence agency, Security Information Service (BIS), to investigate the incident.