I used "Most" instead of "All" mainly for technicality.

TL;DR Rock-Solid encryptions exist, but that doesn't guarantee everyone is using them or using them correctly.

Firstly, just because there's options for solid encryption algorithms doesn't mean they're universally used. For example, the chat app that Bob down the street wrote could be using a very weak Caesar Shift encryption rather than something strong like AES or RSA.

Secondly, some encryptions are only as strong as their choice of key. For example, RSA uses prime numbers to generate keys in a way that's very not ELI5. Basically, 3 primes get used to generate an "encrypt" number, and a "decrypt" number.

If you follow guidelines, the secret "Decrypt" number is practically impossible to guess or calculate. However, if you choose irresponsibly bad starting numbers then a hacker can look at your public Encrypt number and go "hey, that looks like they might have..." and workshop the secret from there.