Speaking officially, I would caution #Kalpa users to please keep a level head regarding the current potential issues with Global Themes and other content from store.kde.org
The vast majority of the content there is probably fine to use, but this is all user generated content, and it is on you, as the end user, to protect yourself, and verify what these themes and plasmoids do, if you wish to use them.
#KDE Upstream is having some very serious conversations about how to mitigate this issue, as are the folks that run #Pling (The host of store.kde.org) regarding reporting and review.
It is just important to remember that your machines security ultimately rests in your hands, safeguards can be put in place, and will be, but it's still your machine, and it's possible to break things, no matter the software developers intentions.
We would also like to make it clear, contrary to some of the rhetoric bouncing around the internet at the moment, that upon review, this doesn't appear to be a "hack", but a case of unintended consequences. As near as we can tell, there was no malicious intent, but an honest mistake.