Comment by _hyn3
The tremendous number of attacks delivered via trusted package repos versus the number of widespread attacks via curl | sh (probably roughly zero) means that, theories aside, one of these is far more commonly abused than the other.
The tremendous number of attacks delivered via trusted package repos versus the number of widespread attacks via curl | sh (probably roughly zero) means that, theories aside, one of these is far more commonly abused than the other.