Monero has a tried and tested threat model and secure design. In Lightening, everyone always knows the recipient node. In Monero, no one knows anything.

Like anything security related it's never perfect and vulns pop up but by design it is very good for privacy.

The main way Monero transactions are unmasked is by sharing the same UTXO between CeX's, so if you must use a CeX, churn your coins (send to yourself to make a new UTXO).

That's about it. 

DNM admins and vendors trust their freedom to this and the smart ones with good OPSEC have been operating for many years. 

I would love to see Lightning support the same level of privacy but it's still early for LN on the privacy front.  

 Yeah, I didn’t know the CeX unmasking thing.

AFAIK, “no one knows anything” isn’t quite true. They don’t know anything yet haha. As of 2020 Monero was vulnerable save public address extract sees later (post quantum) attacks, whereas lightning as a sender may be safer since your data isn’t as available in the long term (it’s not on-chain). Maybe monero is post quantum now?