Honestly they’re still pretty vulnerable. Maybe firmware is a bit better, but it’s a configuration thing that often gets overlooked in corporate networks. The amount of open SMTP relays I’ve run across in printers is a bit ridiculous, but it’s always fun to start phishing people with internal emails.
Not really a concern for home use if it's not networked. If it is networked, make sure you at least have it behind your firewall, disable any remote access/remote printing features, and ideally update the firmware as well.