The general conclusion "NoSQL is insecure" which the author is trying to make hardly follows from the mentioned facts.

They say a concrete product, MongoDB, has alarming security flaws? That might be true.

But does it mean EVERY NoSQL database is insecure in principle and by design? No, it doesn't.