The team behind OBS Studio has introduced new security measures after a recent plugin-related incident that forced the project to remove several files from its platform.
According to the update, OBS maintainers have already pulled all affected files to prevent further distribution. The move comes as part of efforts to tighten security and reduce the risk of compromised resources appearing on the platform.
Going forward, plugin updates will no longer go live automatically. OBS says all plugin updates will now require manual approval before they become publicly available. Previously, only newly submitted plugins needed review, but the new rule means every update must pass verification before release.
The project is also strengthening account security requirements for developers. Anyone who wants to post or update resources on the forum must now enable two-factor authentication (2FA). This additional layer of protection is designed to prevent unauthorized access to developer accounts and stop malicious files from being uploaded.
The incident also serves as a reminder that even platforms considered “official” sources can sometimes be targeted by attackers. Security experts continue to warn that reusing passwords across multiple websites remains one of the most common ways accounts get compromised.
If the same password is used on multiple services, a breach on one platform can easily lead to attackers gaining access to other accounts. For that reason, users are encouraged to switch to unique passwords and enable two-factor authentication wherever possible.