...Decentralized applications are run from source code running on the blockchain network so these applications are not controlled by any individual or organization.
The "decentralized" in Dapps is quite misleading. You could interact with these applications without the need of a middle man but I wouldn't go as far as saying nobody can control them. I am pretty sure you've read about hacked DeFi platforms freezing activities like farming and staking pools.
And it's also hard to update Dapps, and much harder to maintain, specially if it become too complex.
For the updates, you need every node to comply so it might take some time as other nodes might not cooperate, you need a consensus, per se.
And then the security risks that you mentioned, it's the most important part of maintaining Dapps. So I would say it has it's limitations as compare to bitcoin.