"uninstall" points at a very specific type of exploit.

Assuming it's actually necessary to uninstall.

It might just be that "uninstall" is the simplest one-word advice you can give that will definitely solve the problem.

Another xz case?

That's what it smells like but this is still a weird way to disclose something like that. I imagine some people with free afternoons are taking a stab at auditing atop's PR history right now. I'm not personally up to the task, but the fact that the top 3 contributors other than the original author are ByteDance employees might cause some to jump to conclusions.

Does atop have any legitimate need to connect to the network? I can’t think of any legitimate accidental security holes that might show up in something like atop, but then, these utilities often have funky features I don’t know about!