fria Keep router updated, use WPA3, set a strong password, when you have guests over make sure you have the guest network on and tell them to connect to that so they can’t access your main network, don’t set it to hidden
If you only have main and guest networks, consider which IoT crappy product to connect to each. We buy TVs that have 1 or 2 year of firmware updates and keep them for 15 years. Ideally? Don't connect it to the internet at all.
On a different note, it seems routers are still OK:
https://www.cnet.com/home/internet/does-your-wi-fi-router-track-your-browsing-i-read-30000-words-of-privacy-policies-to-find-out/
But, if the router can be flashed with OpenWRT, I wouldn't think twice. You'll find the joys of having a firewall, a VPN set right in the router, VLANs for your IoT (if your router supports it), etc...