That is an extremely old article (TechRepublic at that) and it doesn't highlight the root cause of how the compromise occurred, which was through using outdated WordPress at the time.
There were several other issues like some lack of ISO verification methods, etc, etc.
Malicious code or a backdoor wasn't "slipped" into their release; it was that the whole ISO download link on the website was replaced to direct to a modified ISO that included remote access botnet malware. Their actual release and repos were not compromised from what I remember.
While ultimately the issue was the Mint site being compromised, anyone that didn't do their due diligence verifying, when they went to download Mint, that it was actually downloading the ISO from absentvodka.com, really can't say anything. Back then Mint only used MD5 for ISO verification. Mint and the world in general have moved (at least tried) on from that (or should have), and typically ISOs are signed using public/private key pairs.
Want to verify our releases are good...
https://mxlinux.org/wiki/system/signed-iso-files/
As far as updates, MX consists of Debian packages and ones we build ourselves. Packages come from the MX Team which does its best to only build off of official or vetted sources, provided packages are also signed, verified when they are added to the repo, etc, etc. This is no different than "more corporate distros" as the mechanisms are the same really.
If someone adds random repos to their install we can't control what comes from those.