I thought MultiSig wallets were very secure,
Nothing Bitcoin related is just secure or insecure on its own. They are secure if you do it correctly and insecure if you don't.
1) An address of a 2-of-3 setup therefore contains the public keys of all three cosigners. In order to generate a correct address, you have to be able to rely equally on all cosigners.
It comes down to why you are doing this. Are the 3 cosigners 3 members of a company board? Or are you using something like what Electrum 2FA offers? These are different scenarios. For example the Electrum 2FA is a 2-of-3 multisig and you control 2 of the keys so there is no way the "server" that has one key to scam/blackmail you.
You see, it depends on how you use it and why.
With an “xpub”, an extended public key, all addresses of an account in a Bitcoin wallet can be derived.
Not all. Only keys at non-hardened paths.
As for the problems you are listing involving hardware wallets, the thing is you always want to use tools that are open source and trustable. Like @vjudeu I don't use hardware wallets either, I only stick to 100% open source software that can be verified. That way you know all the issues you described can not happen.