I'm guessing they meant because malware can now run commands as root without prompting for a password, however I'd argue that if you have malware running as your user in the first place then that will likely be more damaging to you than it getting root and modifying your system, as it will be able to access browser session cookies, personal documents, etc.
Personally I don't have passwordless sudo but I'm also curious as to what the attack vector might be here if you were to enable it.
The virus/malware could change your $PATH or create an alias for some command that normally prompts you for your password (even sudo itself) and trick you into revealing your password to the malware. Maybe even install a keylogger depending on your OS.
Basically, if you have malware running as your own user, I'd be surprised if it couldn't find a way to trick you into typing your password to invoke sudo. Even then, it can probably do quite a bit of damage without sudo.
So then the only scenario a sudo password could possibly save me from is when I have malware already running as my user (and it's unlikely that it would help anyway due to the tricks I just mentioned). Of course everyone should do what they think is best, but personally if I were in this scenario it's pretty much game over anyway, so it's not something I'm going to worry about.