
This is exactly why SpectrumOS (not in a useable state yet) is intriguing to me, as well as Qubes OS’s very recent efforts on practical GPU acceleration.


The thing is that Qubes OS uses child Xorg servers per application to make it so that applications can't read the screen or the keyboard from other applications, whereas Wayland simply builds that into the protocol level so that you don't need that horrible hack. Likewise, it needs VMs to isolate each application or environment from each other and the host, and to make the host immutable and reset on reboot. And we can do all of that now with containers and sandboxes and immutable image-based distros. Not as securely, but at great benefit to performance and interoperability. So personally, I think while Qubes is still the gold standard if all you care about is security, if you want a good balance of security and everyday usability, Fedora Silverblue with distrobox and Flatpaks and a Wayland DE/WM is acceptable enough, as long as you harden the polkit permissions and a few other things like that. And yes, yes, I know the FUD about Flatpak "not being a sandbox" lol



