But in fact, now many popular Exchange platforms such as Binance combine CEX and DEX and are now also available with Web3 which makes it easier for users to connect to Binance using the address created on Binance's Dex.
They are capable to build those products, DEX and Web3 wallets, why they refuse to do it if it brings income to their business?
It is what Binance and other centralized exchanges have been doing, building fake DEX and also web3 wallets, as one of ways to increase their business income and at the same time help them to lose customers to actual decentralized exchanges.
It all depends on whether people want to use it or not.
Problems with security or vulnerability to hacking, it's a choice of whether to use it or not.
Now new investors are no longer critical of CEX or DEX issues, they can only use what has been created and provided, especially with quite complete features.
But all do need to be aware and your key is not your asset. DWYOR.
They can use actual decentralized exchanges, with no KYC policy
https://kycnot.me/With Web3 wallets, they must be careful with token approval access to their wallets. There are three tools to revoke smart contract access.
How to revoke token approvalshttps://app.unrekt.net/https://revoke.cash/https://etherscan.io/tokenapprovalchecker