Shlomi from JSOF here. The firmware we looked at was an OfficeJet Pro 8720 with a relatively new firmware version From latest 2019. We've seen some of the features that you're talking about including Automatic firmware update, and others we weren't looking for. The firmware can be downloaded from the web For the purposes of reverse engineering for security research.
We will be going into further details and more information in the next post in the series.
My understanding is the 2019 hardware has secure boot -- which the 2016 hardware cannot support.
The 2016 era hardware has relatively modern firmware versions available, but the hardware security is likely different and therefore the potential hacks will be different. Lots of opportunity to explore.
We will be going into further details and more information in the next post in the series.