Yes, there is countless examples of root CAs containing compromised CAs.
This incidence with digicert is not about a compromised CA it is about a flaw in their validation system. That is not what you claimed. Such flaws happen from time to time, lets encrypt had an issue a while back too.
And? If you cannot trust then you should not use them when you want to do something that is private and should not get looked on.
And if there were signs of misuse of the trust, then they would get removed.
It is actually really easy to monitor thanks to CT.