Daily reminder that Security ≠ Privacy ≠ Anonymity.
It largely appears to be true, yes.
One thing to consider is the attack vector you are predicting may be used against you. Linux (but not necessarily the applications running on it) is far safer against say, remote/network attacks than physical attacks for example. (Obviously, because Linux is massively utilized in the server space and generally servers aren’t being constantly hacked).
The problem is that Linux is basically hidden, it never affects your life. Everything that you are interacting with is a “user space/application related” piece of software running on your machine. Other operating systems like macOS, Windows, and ChromeOS have strong (some more than others) memory protections and sandboxing functionality to keep these applications isolated. That doesn’t make Mac/Windows/Chrome apps more secure necessarily, it just limits how much of your system could be affected. A software vulnerability on a Mac application might let an attacker get access to the private files that app uses, but a vulnerability on a Linux application might let an attacker get access to sensitive files in the entire system.
You could use Qubes? It doesn’t solve any of the security issues within a Linux container on the system, but at least if one Qube is attacked it can’t affect the others.