Both Wiens and MG said a supply-chain attack in which a remote-triggered explosive was surreptitiously placed into the pagers before they were distributed is more likely. There is precedent for this: in 1996, Israel put a bomb inside of a cell phone and used it to kill Yahya Ayyash, who was then a bomb maker for Hamas.
But they didn’t because materials that explode like that simply aren’t used as batteries.
Further, software is not magic. In consumer electronics basic power management is done entirely by hardware. A hack cannot short out the battery, because the circuit to do that simply doesn’t exist. Maybe the hack could cause enough of a sustained power draw to overheat the battery and trigger a failure eventually, but that would still look quite different from what we saw.