Because operating systems don‘t support seamless and secure distribution of cross platform software. Web browsers are currently the only secure sandbox we have.
Cross platform, right. So we ignore the perfectly adequate operating systems with their mature GUI frameworks, system calls, filesystems and programming language support, because having separate teams for different platforms is apparently too much, and instead we over-engineer the fuck out of web technologies (both front and back end) to the point people are estimating their RAM needs using the number of Chrome tabs they use.
Functionality is often largely independent of platform specific features. Spending limited resources on re-implementing stuff five times over can result in a worse experience for users than focusing on a single high quality cross-platform solution that is easy to distribute and keep up-to-date.
It completely depends on the specifics of the app. Some apps benefit from tight device integration. For others it's a waste of resources that could be spent on features.
What other platform allows arbitrary code execution like the Web does? We have billions of Internet users yet actual security issues are few and far between. It's remarkably safe and secure given the scale
To be safer than other platforms doesn't mean it's safe.
And because Chrome is dominating it's a huge target.
And at the moment the browser access to the underlying infrastructure is limited.
