When you think like a hacker, as I learned to in a long-ago role as security admin, martech can seem almost quaintly vulnerable.
Sometimes, DoS/DDoS and data theft openings are knowingly created — and, to be frank, covered up — in the name of demand gen and quick delivery. (You may have seen me sounding this alarm in Community threads.)
But in the common case, users truly don't know there's anything wrong: you're not in IT, nobody told you there was a risk, and your app didn't pop up any warnings. Nevertheless, significant vulnerabilities exist. These vulns are old hat to the security community, but marketing doesn't get those memos.