> "[VPNs are] used by around 20 per cent of European internet users they encrypt users’"
I think it is more like 2%. I don't know anyone but me who uses a VPN. I'd even say that if I picked 100 people I know, less then 20% know what a VPN is.
Furthermore, the article makes IPv6 sound bad. If I didn't know what IPv6 and VPNs are, I might think it IPv6 is bad, too. I'm also interested in knowing which VPN softwares they tested. While I'm certain that old VPN Softwares leak IPv6 IPs, I can't say that for all VPN softwares I use: OpenVPN (on Linux and Tunnelblick on Mac) and Mac's built-in VPN software (which supports L2TP over IPsec and PPTP). It is really a shame, though, that my VPN provider does not support IPv6, yet.
The only thing that really leaks my real IP is WebRTC. Thanks to WebRTC, everyone can see my real IP address and I can't disable in google chrome. If you want to check what information your VPN is leaking, checkout: https://ipleak.net/
I think you significantly underestimate VPN usage. Many jobs, including large public service employers, require connection to a VPN.
So yeah the chance that 20% of internet users in the EU use some sort of a privacy oriented VPN service is nill.
IPv6 has always had many issues, it's entire auto discovery mechanism is a big big security gap.
As for your plugin claim, if they don't know what's going on, they wouldn't answer yes to the question about VPNs.
Both the OP and the first link use data from the same source: http://www.globalwebindex.net/.
 although cooperations try to sue people for streaming from sites that don't pay the IP owner, they don't have a lot of success since the video is not saved to disk nor is it redistributed. Only distribution of illegal in Germany and Austria
Some OS's will grant IPv6 priority routing, and virtually all of them will issue DNS requests on both IPv6 and IPv4 if a DNS server is also configured on the IPv6 interface.
The DNS hijacking happens because a DNS request sent over IPv6 to a DNS server doesn't have to be for a AAAA entry, you can request simple A entries with DNS6.
Since the attacker is on the same network his replies to your DNS requests would usually arrive much faster unless the entry is cached so they can return anything they want and they'll get their first :)
In that link you've posted the OP basically suggests that AirVPN client (which is i assume an OpenVPN preconfigured client) will configure the IPv6 address settings on the host with either real or dummy IPv6 routes to mitigate against these attacks.