A VPN basically is a solution to get you “1 step beyond” your current location, if you feel it is needed.
f.e. In a coffeeshop you might hesitate to get on to the unprotected local wifi to do some work. A VPN solution would help “hop” you through the local wifi to a different location (exit node).
Any solution, even a VPN solution, should always be looked at with care, and you have to make your own risk assessment.
I have encrypt.me on always when not on a trusted wifi, and I only trust 1 network (my own home nw)
But, that is just for regular internet browsing work, and maybe processing email (through protonmail)
When it is more sensitive I add another VPN layer to the mix and tunnel into my home network, and continue from there.
But, it is always to get “1 step beyond”, not to provide full security or privacy protection.
This means additional security controls are needed like using a secure email provider, get a provider that has DNSSEC enabled and so on. But that is up to each individual situation, and the risks associated with that situation.
A VPN is a tool to get to a solution, not a solution in itself.
Actually Tor is funded for 80% by the US State Department, the Broadcasting board of governors and the National Science foundation. But funding is also received from European governments and many NGO’s.
So yes, funding is received from some US government departments, but there is no indication whatsoever to indicate there is any “controlling” going on. Even better: all software is open source, and I have never seen any report of “US controlling ToR”
If using ToR is something that can keep you safe or save your life, please keep using ToR.