And executable you run has access to any file in your home directory, including SSH private keys, secrets in config files, browser cookies, passkeys—all of it. That includes the thousands of npm modules installed as a transient dependency of at least one tool you use that brings node as a dependency.

Windows at least has a proper ACL system; on Linux it just takes a single compromised executable to loose everything.

> Linux excels over Windows in the area of security by a wide margin

No, this is wrong but might be true if you are talking about Linux package manager vs. Random Windows .exe on internet. But if you are talking about Secure Boot, encrypted disk, sudo etc. Windows is more secure but it looks like https://amutable.com/ will make Linux more secure like Windows.

Edit: Some insecure things on Linux: Dbus (kwallet etc.), sudo, fprint, "secure boot".