If I've understood correctly, the last example (ATPA: Advanced Scenario) describes a scenario where the tool is legitimate but the server is compromised and data is leaked by returning a malicious error message.
This scenario goes beyond "be careful what you install!" as it potentially makes even a GET request to a trusted website into an attack surface. It's like SQL injection writ large: every piece of text could be turned into malicious code at any moment.
This scenario goes beyond "be careful what you install!" as it potentially makes even a GET request to a trusted website into an attack surface. It's like SQL injection writ large: every piece of text could be turned into malicious code at any moment.