Maybe, hopefully they figure it out, Vitalik Buterin et al are certainly working on it -- but there is no proof yet that a Proof of Stake system can function at scale like a Proof of Work system can.
Bitshares and Steemit are both based on Delegated Proof Of Stake and work great. If you're interested in Decentralized Autonomous Organizations you should definitely check them out
There are vulnerability disclosures on these platforms as much as any other piece of software you are accustomed to. Sometimes upgrades are rolled out before an attack, sometimes an attack just happens.
Where we are right now is that the news aggregators aren't that good, and the interested communities are currency specific who will downvote censor any potentially negative discussion because of their investment.
An odd thing to say because that same argument could have been used when bitcoin and Ethereum's combined market caps were ~$500m and were still orders of magnitude higher than their competitors. In fact, many experiments on those networks were NOT tried by developers because they were "soooo big and financially important" at $500m valuations.
Due to this relative nature, I don't think that is valid reason to shut your mind off to discussion by trivializing other network's sizes.
Cryptocurrencies gets attacked all the time. Much smaller and more insecure cryptocurrencies are double-spent where possible, because these "bug bounties" are still worth several hundred thousand dollars.
Its not international news when it happens. It happens.
