Security comes with a price and usually not for free (not only in the sense of money).

A hot software-only wallet can't really secure itself from malware and will have a hard time to protect your private keys or your main secrets of your wallet on an infected computer or mobile.

Personally I wouldn't use Ledger crap but most other decent hardware wallets are highly recommended if used properly. In my opinion it's mandatory that a hardware wallet has an own independent display and the user has to carefully check every detail of a transaction before he signs it. There's no excuse to not do this with every transaction because this ensures that no malware can trick you with a manipulated transaction submitted to your hardware wallet to be signed from a potentially infected online device which is needed to broadcast your signed transaction.

I'd rather accept some additional steps with a good and recommended hardware wallet than fear if my computer is still clean or not. People can also aid to keep their device safe from which they do their crypto wallet stuff if you simply don't use your daily driver for it when you do all sorts of internet shit with your daily driver.

Use a dedicated Linux desktop for your crypto coin stuff and avoid browsing with it and doing email on that device. This eliminates a lot of attack surface.

An air-gapped offline laptop is for cold storage and signing is safe, too. But this isn't very comfortable and certainly nothing for someone who complains that Ledger crap is already uncomfortable.