OK, I can't follow this one.
On the one hand, we're told attacks are already tapering off. That has IMHO nothing to do with "boredom" (malicious hacking is about making money, not being bored), but suggests that the payoff is less than expected. Every time someone tries to hack a system, it flags them as a malicious entity so you don't waste the times you stick your head above the parapet (at least, I wouldn't if I was maliciously and criminally inclined) - a lack of result is a good argument to find something else to do.
On the other hand, we get these messages that it's far from over and doom may yet descend. I don't buy that. There is no quantitative data that outlines exactly why this wave is over, I can only venture that this was a vulnerability that was a lot easier to fix than Heartbleed, and that many people have reacted to the urgency and have availed themselves of the ability of Open Source based platforms to put an interim fix in before the official patches came through.
After all, the patches were not exactly rocket science, and most of the people who are exposed to any version of Unix have a passing familiarity with checking code signatures and compiling - even in OSX it costs nothing to add those resources in the form of Xcode.
As I said, this is but an as yet unconfirmed theory and I only have the feedback of colleagues and my own experience to back this up with, but it strikes me as a more plausible reason than "boredom". That's just plain weak.