> Tor exit nodes have been caught injecting malware into binaries downloaded over HTTP through them
It's more accurate to say bad actors have been injecting malware into HTTP-downloaded binaries. Some of these bad actors use Tor exit nodes, some use free WiFi hotspots, and some run their own VPN services. Framing this as a Tor problem is like blaming violence on weapons instead of the perpetrators.
(Tor exit nodes have been caught injecting malware into binaries downloaded over HTTP through them, for one possible problem if it isn't)