Yeah absolutely. But have you audited the mobile apps or the chrome extensions, etc. (Extensions can update in the background without interaction)? Every time a new release happens? Those products are created by completely different developers.
Not saying that a company could not have a malicious release. It could. I just think the odds are much lower because their release process has better security controls and is generally audited better.
Not saying that a company could not have a malicious release. It could. I just think the odds are much lower because their release process has better security controls and is generally audited better.