@natty I think it's another case against running software from unknown/untrusted sources in general. I'm even wondering how secure software from Flathub is, since I doubt people will audit a random unofficial wrapper package. See also the various version of Discord client there...