Because unless you can fund several teams - kernel, firmware(bios,etc), GPU drivers, qemu, KVM, extra hardening(eg. qemu runs under something like bpfilter) + a red team, security through obscurity is cheaper. The attack surface area is just too large.

What is this "security through obscurity" you're talking about? We're talking about running linux in a VM running in a browser. That has just as much attack surface (and in some ways, more) as running linux in a hypervisor.