I’m note a programmer. I Don’t Understand Codes. How do I Know If An Open Source Application is not Stealing My Data Or Passwords? Google play store is scanning apps. It says it blocks spyware. Unfortunately, we know that it was not very successful. So, can we trust open source software? Can’t someone integrate their own virus just because the code is open?
Unless you know how to inspect it yourself (or trust someone who can): No.
Yes, theoretically if someone were to insert malware hooks into Blender, the entire internet would be freaking out. Except… we live in a post truth society and that could very rapidly be astroturfed to the point of “nobody really knows but it is probably fine”. A good example in the opposite direction was that chinese (probably?) battle royale game a few years back (Rings of Something?) where, at the height of the BR wars, “somebody” claimed that it involved malware. To my knowledge, it didn’t, but it more or less killed the game in the eyes of most people.
That said: Like with anything, what matters is the downstream users. If someone somehow introduced malware to glibc, the entire world would erupt in a manhunt because very significant percentages of the world run on that. Whereas, some closed source proprietary tool with a thousand customers might never notice.
FOSS is more about ideology and what you want the future of computing/the economy to be. Any discussions of “safety” are in the same realm of “security through obscurity” where… yes, it can help but if you are relying on that you are already dead.