Web browsers are almost unique in how hard it is to make them resistant enough to attacks to fully protect the interests of their users. I know that when my local copy of Firefox got a malware infection, I reacted by switching to Chrome. That was about 2.5 years ago, and I have yet to switch back.

(More on why I switched. I like to tweak things, and had gotten used to about 8 or so about:config customizations and a handful of Firefox extensions. The infection added tons of phoney about:config customizations, and it would have been tedious to identify which customizations were mine and which were the infection's. IIRC, if I had had a backup of my customizations unmixed with phoney customizations, I wouldn't have switched. I.e., basically I switched to avoid my having to learn how to back up my about:config settings and my choice of extensions. I recall spending some time with a search engine unsuccessfully trying to learn.)

For a case study here, see https://www.youtube.com/watch?v=Y6SSTRr2mFU

TL;DR: Rust's concurrency guarantees made parallelizing CSS layout feasible. They tried it in C++ twice, and failed.

One of the early justifications for pursing Rust at all was security; an internal survey of security issues was done, and over half of them were memory-safety related. At the same time, browsers need speed. Traditionally, you get either speed or memory safety in a language; Rust gives you both.

Because within that codebase there's an untold number of exploitable memory errors which put users at risk. Browsers have critical security issues all the time.

Exactly, and besides, if you want to write secure software it is also mostly a development process thing, and not just what programming language you write it with.