True. However, such high-value targets would be isolating the Tor process and apps at the hardware level. It's over my head, but I can imagine elements from Tinfoil Chat and Qubes Air.

And yes, vulnerabilities in Tor have been exploited. So it's prudent to hit Tor via nested VPN chains, just in case.

Could you use a ring of VPSs spawning independent VM sessions, which are randomly connected to as needed, and puppeted by scripts or ML, used by others in the meantime, and torn down randomly and on a schedule. Cloud hop in the noise.