Drag-and-drop seems to have an excellent UX. The semantics are incredibly clear: Take this data from this app and put them into this container in that app. Any insecurities would be an accident of implementation rather than part of the core design like with copy-paste.
Or, how is drag-and-drop insecure by default, and what alternative do you propose?
I'm not saying that drag-and-drop is insecure, but that it's not an ideal UX. I, for one, don't enjoy using it on any OS, and I guess I'm not alone.
The alternative I propose is a native solution from the OS to pass data securely between applications. Not workarounds like drag-and-drop or built-in app keyboards that force me to change my workflow.
Or, how is drag-and-drop insecure by default, and what alternative do you propose?