It contains allegations from the USA that Chinese Huawei used its hardware to spy on American companies. There is also an allegation that Supermicro intentionally left specific IP addresses open in its Baseboard Management Controller. I didn't find a single trace of that; however, there is a security advisory by SEC Consult about Barracuda products having something similar to what is described in the article.
Taiwanese Supermicro is not totally innocent. I found that they had/have a flaw in their documentation: they failed to mention that their IPMI implementation has two admin accounts. That is pretty rare for a networked appliance. Typically one admin account will do fine for most of us. Intentional or an honest mistake? Nobody knows. And those who do, won't tell.
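An undocumented second administrator account is exactly the kind of thing a BMC audit should catch. The script below is an added example, not something from the original post or from Supermicro's own tooling: it parses the table printed by `ipmitool user list <channel>` and reports every enabled account whose channel privilege limit is ADMINISTRATOR. The listing embedded in it is constructed for the demonstration (the account names other than the well-known `ADMIN` default are made up), and the parser assumes the column layout ipmitool prints, with the privilege level as the last field and the "IPMI Msg" flag just before it.

```shell
#!/bin/sh
# Added example (not from the original post): audit the user table of a BMC
# for more than one enabled ADMINISTRATOR account.
#
# On a real board the listing comes from something like
#   ipmitool -I lanplus -H <bmc-address> -U ADMIN -P '<password>' user list 1
# Here a constructed sample stands in for that output; the names "service"
# and "monitor" are hypothetical.
SAMPLE_USER_LIST='ID  Name             Callin  Link Auth  IPMI Msg   Channel Priv Limit
1                    true    false      false      NO ACCESS
2   ADMIN            true    false      true       ADMINISTRATOR
3   service          true    false      true       ADMINISTRATOR
4   monitor          true    false      true       USER'

# admin_accounts LISTING
# Print the name of every account that is both enabled for IPMI messaging
# (field before last == "true") and limited to ADMINISTRATOR (last field).
# Row 1 on most BMCs is an anonymous slot with an empty name; it never
# matches because its privilege limit is "NO ACCESS".
admin_accounts() {
    printf '%s\n' "$1" | awk '
        NR > 1 && $NF == "ADMINISTRATOR" && $(NF-1) == "true" { print $2 }
    '
}

# admin_count LISTING
# Number of enabled ADMINISTRATOR accounts, as a bare integer.
admin_count() {
    admin_accounts "$1" | wc -l | tr -d ' '
}

# check_single_admin LISTING
# Exit status 0 when at most one admin account is enabled, 1 otherwise.
# The report goes to stdout so it can be pasted into a ticket.
check_single_admin() {
    n=$(admin_count "$1")
    if [ "$n" -gt 1 ]; then
        echo "WARNING: $n enabled ADMINISTRATOR accounts found:"
        admin_accounts "$1" | sed 's/^/  - /'
        return 1
    fi
    echo "OK: $n enabled ADMINISTRATOR account(s)"
    return 0
}

# Demonstration run against the constructed sample.
if check_single_admin "$SAMPLE_USER_LIST"; then
    echo "BMC user table looks as documented"
else
    echo "Compare the list above with the vendor documentation and disable what is not accounted for"
fi
```

To run it against a live board, replace `SAMPLE_USER_LIST` with the captured output of `ipmitool user list` for each LAN channel the BMC exposes (channel numbers vary by vendor), since privilege limits are set per channel and an extra admin may be enabled on only one of them.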
The second one is from the almighty Bruce Schneier. It describes findings about a general lack of security in those very critical systems used to manage servers. Consumer products are safe: they don't have BMC/IPMI chips in them.
I have one Asus ASMB4 and one Hewlett Packard iLO 2 online at the time of writing. The Asus BMC doesn't survive two weeks on the open Internet; there is some unknown flaw that somehow knocks it off the net. That's why I put a firewall appliance in front of it. The HP iLO 2 seems to survive in the wild; however, it has a very sluggish response time and absolutely requires a firewall as well. It seems to attract a lot of incoming traffic. Those BMC boards are tiny in both physical size and computing capability, and it doesn't take much to overload them.