If a software is open source and used by a huge userbase and maybe even developed by them, the chances that a malicious code snippet will be detected is quite high. Especially when talking about software updates.
With a closed source software, you never know what the software actually is doing and what every "bug fix"- or "feature" update accomplishes.

You shouldn't trust software just because it is open source. But IMO this is an necessary prerequisite for a trustworthy software.