I am not a programmer but I want to know. I get that when many coders are contributing to a certain software, the faster it will be developed. Good! But wouldn't it also a disadvantage at the same time if you have someone with a malicious interest in mind injects some stealthy code somewhere that is hard to detect?

Also, who decides which update and when will be available for release/download when it is open-source?

I got a renewed curiosity about his things with the recent acquisition of GitHub by Microsoft could pave way for them to manipulate codes somehow so easily. I don't know how to write a single code and this may sound like a stupid analysis anyway.