CCleaner the evidence elimination tool that I recommend on The Complete Cyber Security Course has been compromised and Malware added to it. The effected Version is 5.33 of the CCleaner app offered for download between August 15 and September 12 2017.
Updating to the most recent versions removes the malware.
For more details check out the links.
Using the supply chain as an attack vector is a known threat that we need to be aware of. We discuss more on this on my courses when we discuss mitigations such as the zero trust model and in lectures on software trust and back-doors.