These issues only really apply to servers who’s IPv6 addresses have been published, for example by DNS. the traffic will likely be traversing the same dual stack ipv4/6 infrastructure meaning routers, firewalls, load balancers etc which all need configuring to pass traffic which means someone’s taken the time to do it so why would they not apply the same security as they would for ipv4?
Most IPv6 stacks for home users will change their addresses frequently meaning the whole allocated subnet will need scanning for vulnerable machines who’s ip’s will change. The attacker could get lucky but it requires a lot more compute and sophistication to perform the attack.
So this article is all about spreading fear uncertainty and doubt.
The funny thing is that securing IPv6 means breaking the end to end philosophy many state as one of its positives.