From the article:

Mr. Wardle’s curiosity was piqued by recent news that Russian spies had used Kaspersky antivirus products to siphon classified documents off the home computer of an N.S.A. developer, and may have played a critical role in broader Russian intelligence gathering.

From the “recent news” article mentioned above:

Government officials, who would speak of the classified details of the case only on condition of anonymity, said that Mr. Pho took the classified documents home to help him rewrite his resume. But he had installed on his home computer antivirus software made by Kaspersky Lab, a top Russian software company, and Russian hackers are believed to have exploited the software to steal the documents, the officials said.

Honestly, I agree, it’s a serious accusation against Kaspersky with very scant details and allegations made by off-the-record “officials”. Having said that, just because they didn’t present any compelling evidence doesn’t mean it didn’t happen. In the words of Carl Sagan, “Absence of evidence is not evidence of absence.” I’m not sure where that leaves us though lol. Honestly, I don’t trust Kaspersky with my data any less that with any of the other big antivirus companies. I guess it makes sense they would want antivirus software with CIA/NSA backdoors over alternatives though :p

The entire premise of the article is that the Russian government can and has used Kaspersky’s access to perform espionage operations against the United States.

That absolutely is not a nothingburger. Russia is a hostile power and banning software a hostile power is actively using to attack you is perfectly legitimate behavior. This isn’t “malware is using a file transfer application instead of rolling their own”. It’s “this is an application that by definition relies on absolute trust in the good faith of the provider, that is compromised by an enemy state”.