harrysintonen,

@dangoodin

"there's no reason to think other SSH apps don't harbor similar, and possibly higher severity, vulnerabilities that can be ferreted out and exploited by more motivated threat actors."

This is entirely possible. It will be interesting to follow up on the future research around this area. If found, such additional vulnerabilities would still require active MiTM to exploit, something that limits the impact somewhat, at least. They would also be limited to specific (typically far more marginal) implementations.

In my opinion this does not necessitate immediate security response. Normal upgrade processes can be employed.

"This breaks the entire integrity of the SSH connection."

I beg to differ with this statement. It breaks the integrity of the handshake phase of the SSH session. Combined with the fact that the truncation attack is limited to only removing parts from the handshake, this significantly limits the practical impact of this vulnerability. It definitely does not break "entire integrity of the SSH connection".

This doesn't reduce the value of the research, of course. It definitely is significant and valuable research. Also, the researchers themselves were clear to point out the limitations of the impact. It just seems that media got too carried away.
