That certainly wouldn't be a good day in the life of any CISO. While the scale of these (so far theoretical) threats are greater than compromising a single server, the threats against the hypervisor are not really any different than vulnerabilities that enable attackers to gain access to physical servers. Because the hypervisor is a more dedicated, and relatively thinner, slice of software than a full-blown operating system, we're going to see many fewer vulnerabilities. In a recent conversation, Andreas Antonopoulos at Nemertes Research summed it up best: "When you look at the total virtualized environment, and you have a pool of 300 servers running on 100 physical servers with 100 hypervisors, what are you going to be more worried about? The attack surface of the hypervisor? Which is about 100,000 lines of tightly written code, or the 300 copies of Microsoft Vista running above it?"
Fixating on the security of the hypervisor itself is akin to taking a long, hard drag off of a cigarette while looking up at the sky and worrying about an asteroid strike.
Sure, it could happen. But it's the lack of taking care of the basics that will probably bring you down. So, rather than obsessing over hypervisor attacks, it's best to make sure that all of the software running on top of it is snugly patched. That the intra-VM traffic is vetted just as tightly as traffic that transverses the hardware. And that all of your change-control processes are maintained.
Sure, you're going to have to keep an eye out for hypervisor vulnerabilities and exploits. But if you have good layers of defenses in place, it won't be the end of the world.