Neither closed or open software is safer than the other in my opinion. If someone wants to find a vulnerability they will find a vulnerability. The only advantage open source maybe has that it’s harder to hide vulnerabilities for years and it’s more obvious if they don’t fix it. But personally I wouldn’t use open source just for safety reasons.

Even if you don’t buy a lottery ticket an infinite of you wins

Started with Bitwarden years ago, then I used 1password for a few months and now I’m using Keepassxc (Keepass2Android on my phone).

And I recommend everyone to use one. Not necessarily Keepass if they are not very tech savy (database synchronization can be a little bit tricky but not hard). Bitwarden was good too but Keepassxc supports adding ssh keys which is a big plus for me.