I would post this on the CM7 thread in development, however I don't have 10 posts to my name, so it's here. I also didn't see anything via searching the Q&A with security of CM7 or other ROMs. If I am wrong, or it's been posted, I apologize!
I read all of these posts on the internet about jail-breaking iDevices via SSH, and it made me wonder if a rooted phone has the same vulnerability (via SSH or other method) that could compromise my phone.
Currently, I have TWRP with CM7, and back-ups of everything, so if I do manage to catch something nasty, I have no problems with restoring. But I'd like to avoid all of that in the first place. I realize pretty much all of this can be avoided with smart internet surfing, avoiding un-trusted apps, and making sure the unknown sources setting is unchecked. Anything else?