Hacker News

hollerith | 11/10/2024 | 0 replies

Until earlier this year, KDE let anyone upload a "global theme" to the official KDE Store. When a KDE user browsed the themes, he received no warning that the themes could run arbitrary code and that no one at KDE was vetting the themes. Then in March 2024 a KDE user installed a global KDE theme which did rm -rf to his home directory:

https://www.bleepingcomputer.com/news/linux/kde-advises-extr...

So, although I agree with most of the criticisms of Gnome I see here on HN, I use it because I found a way to work in it without being annoyed too much by the overconfidence and lack of skill of Gnome's UI designers and the lack of customizability and because at least the Gnome project seems to pay enough attention to security to avoid a security hole as blatant and obvious as the one I just described in KDE.

Here is an example of Gnome paying attention to security:

> [Gnome] implements permission control for privileged Wayland protocols like screencopy. There are other desktop environments and window managers with Wayland support, but I am not aware of any permission control implemented by them.

https://privsec.dev/posts/linux/choosing-your-desktop-linux-...

I.e., Gnome is the only DE the author quoted above knows of that actually takes the trouble to make use of a design feature that X lacks, but Wayland has: namely, an architecture that allows a DE to prevent the deplorable situation of most Linux installs in which any app can read the contents of the window of any other app.