Re: So: should I choose WP?
I like WP and have only ever had one hacked...and that was an inside job (disgruntled ex-employee that nobody told me was ex).
A lot of the sites in the article were either not updated; or had glaring schoolboy errors in the configuration (the username and password being the same as the domain name FFS...I've had sites like that handed to me by agencies on more than one occasion).
1) Don't use 'admin' (the default) as the username
2) Keep plugins to a minimum
3) Keep site and plugins updated (It's just the press of a button or you can instruct the site to keep itself updated; but there's a risk there of a bad update...I prefer manual)
4) Don't have the "display name" and "username" the same (Display name is what wordpress uses to say "this was posted by $display_name" and username is what you login with
5) Use a decent password
6) Install 'Wordfence' and 'All-in-one security' plugins...they play nicely together. Spend some time going through the AIO security options...that covers most of the obvious bits.
...then you should be OK. Now WP is the most popular; which means that it has the most hackers going after it; but on the other hand they do find and sort holes all the time, so double-edged sword there. Nothing is going to help you if you're going to be pissing off state-level players; but the above should be fine for screening out the background radiation of people trying it on just because.
Wordpress' big advantage is that updating is really easy. Other CMS like Drupal and Joomla you have to take to bits to update; which means you tend to put it off.