Sam Bent: openSUSE Leap 16 Adopts NSA's SELinux

I ran openSUSE Kalpa for a long time. My threat model changed, though. Secureblue was impractical for me, so I opted for Arch + DWL with a declarative config, my own hard fork (work in progress) of transactional-update meant for Arch, with most of Secureblue’s defaults. I did loosen Flatpak permissions (but still only use verified) and use Xwayland for a work app. I’ll address each of the article’s subjects below.

SELinux
Was developed by NSA. I understand they forked and moved on with their own version. I have personally seen companies follow best practices and still get compromised by advanced groups. If your threat model is state entities (or those funded by them), this site is not your primary source of information. They will get to you from your WiFi echo, from your conversations over Bluetooth devices, from your streaming history, telemetry from your car (if built since at least 2015—you can disable this, though), or the multitude of cameras scattered wherever you live. If you’re freaking out about SELinux, and the state is your threat vector, you’ve got a lot of learning to do. Google is not breaking through your well-configured SELinux policies; even they have a line they won’t cross.

Wayland
HUGE improvement over X11. One of the best display protocols out there. Still, likely many holes that need patching. Also a huge PITA if you need to do web conferencing or screen recording, but if those aren’t an important part of your workflow, it’s a great option.

Agama
The SUSE team is aware of the issue. It’s assumed that if you’re a user, this won’t matter. If you’re an enterprise, you’re deploying with Ignition.

Cockpit
Red Hat did this by default, too. Very annoying. Easy to uninstall and won’t break anything.

Telemetry and “Phoning Home”
The only thing I’ve seen is data sent to get updates, and some package usage survey data. The latter is opt out. The update blobs are signed and encrypting each of the many thousands of requests received daily costs CPU and network bandwidth. If you have to encrypt your signed public software, maybe get your tin-foil hat resized. It might be too tight! :wink:

SLES Binaries
This is a good thing. There are a lot of large companies that use SLES and they don’t want anyone stealing their data (hurts profits). Their eyeballs on top of review from the non-enterprise user community means leaner operations for SUSE, and better auditing of packages and code. This is a win for everyone.

Privatization of SUSE
The main reasoning for this was to take market pressures off of SUSE. There are a lot of European finance companies that rely on SUSE and being in a public global market meant they had to focus on profitability over features and quality. This was harmful to everyone and stressful for the maintainers. I know quite a few folks over there and most of them say this was a good move for everyone and work has been fun again (usually) for the last couple years.

I think the takeaway is to know what your threat model is, and incrementally learn what your threat vectors are, and iteratively attack each vector. Security and privacy are knobs, not switches, and they need constant tuning with every change in your life and every use case. Hope this is helpful.

7 Likes