This is utter nonsense. First, let me point out that this is an ad for Surfshark, a VPN company. They're trying to sell you their service by scaring you.
Second, their methodology is absolutely useless, it's an easy and very common way to come up with a clickbait article like this. They're just looking at app store permissions, and assuming the app with the most permissions is bad and the one with the least permissions is good. Which is utter nonsense, it might be that the apps with more permissions NEED those permissions because they have more FEATURES.
I could make a "language learning" app that ONLY asks for the audio recording permission, and then sell audio recordings of my users to the highest bidder. But Surfshark would praise my literal spyware as "privacy-focused" because it only needs one privacy permission!
The way to ACTUALLY do this properly would be to fully audit each app, find out WHY it's asking for additional permissions, go over the full privacy policy, and do some packet captures to figure out when the app is phoning home to send data, and what servers it's connecting to. Contact the app owners, ask them why exactly their app needs each permission. Consult some experts.
But that's too hard for Surfshark, they just want to write a scary article so that they can sell you a VPN that doesn't really make you safer on the internet.
EDIT: You know why I dropped Surfshark? They started bundling a "virus scanner" in with their "privacy-focused" VPN client. So my "privacy" tool wanted to scan all my files all of a sudden? GTFO.
SIM cards do sometimes malfunction, so if that happens and you glued it in you're kinda screwed.