Many people still use package managers though and these run such checks and disclose infosec events. And I still know enough other people who also look at the checksums of individual downloads when needed.

Piping curl to bash, especially a copy/paste from a random blog is way too easy to exploit. Most people might not realize if the unicode they copied from a website silently translates to a different location than what they thought they read in the screen.