A block on Twitter doesn't say anything unless you know why they were blocked and know the person. Blocking can be more than warranted and justified. Be it spam, toxicity, harassment, or similar things. "I saw a screenshot of someone being blocked on Twitter" is not a good foundation for an argument.

They talk about malware in npm packages. One example isn't enough to make a general claim that all software with political opinions or voices becomes malware.

When a platform follows sanctions, and the law, I don't think you can claim them to be political and activism decisions. If you want to make that argument and want to do so in an absolutist fashion (not assess and reduce risks but evade them entirely), then you can only self-host and I guess on your own servers? No platforms, no services?

Nowadays, there are many teams who buy popular apps and browser extensions to inject malware.

… which has nothing to do with political views and especially not political views of the original authors and sellers.

As you can see, the "opinion" or "political view" of a company is not only a way to hype on sanctions and curry favor with investors, the government, and consumers, but it is also a clear signal about potential threats. It signals that your sensitive data may be hijacked, sold, or wiped anytime if the political compass spins tomorrow and recognizes you as an enemy.

No. None of what was written before showed me any of that.

Some of the red flags I actively use to reject software:

Direct political opinions in a product's blog, like "we support X" or "we are against X"

"We are free software and we support free software" -> REJECTED! (?)