I thought I disabled ads in Safari by selecting, under cookies and website data, "allow from current website only". But new cookies from domains I've never visited keep spawning. What am I doing wrong?

It's because unbeknownst to you, the sites you visit are requesting javascript or a tracking pixel from these other domains.

I'm not sure, but I have had web sites I need to use like my bank (a large well-known multi-national bank) complain when I browse in private mode. It seems to work anyway, but it tells me several times that things might not work unless I turn off private mode. I don't know if I'm lucky, or if they're just lying to get me to accept trackers.

Private mode allows cookies, but deletes them when the session ends.

I've had third-party cookies disabled for ~five years and noticed no problems.