from the article:

"There is no indication that any of the vulnerabilities were actively exploited.".

--Actually these vulnerabilities have been actively exploited for a long time.

i cant find it again yet, but i recall a public statement being made about a large number of US ISPs are currently compromised, by such groups as typhoon.

a side channel [agency "contractor"] regarding such issues has told me this has been happening for years.