It would be nice if Direct Messages (DMs) or Private Messages (PMs) were treated like email and only sent to the people you are sending it to.
But generally, on most platforms, if you mention someone in the top level post, they are assumed to be on the recipient list. (Note, some platforms, like Mastodon, treat every post as if it were a top level post.)
Hubzilla has more privacy features, which prevents your messages from leaking to others, but part of that is because we use the Zot protocol between Hubzilla instances, and can set privacy at the thread level (i.e. the permissions of the top level post is the permissions for the entire thread).
When the same conversation is sent via ActivityPub, we lose a lot of control over the privacy of that post. We can and do address it to specific recipients, but other platforms don't have the same types of access controls, which means we can't enforce the access control list for that conversation on those platforms.