Security asks for more than a memory safe language. It helps some things for sure, but there are tools for other languages as well, you better start using them.

Clearly there is too much telemetry in most browsers by default and it's worsening. There are a couple of exceptions though.

There's clearly a tension between security and ease of pulling dependencies. In a way, it's "too easy" with cargo and you very quickly end up having to trust a staggering amount of third party code.

Illustrated with the Clojure ecosystem, bit there's nothing inherently specific to the language here. If you want to ensure stability to your users, you need to manage your APIs properly and this article put forward a couple of interesting ideas.