I think one has to distinguish between nodes running on client and on a cloud server. Running bitcoind on cloud services is probably more risky as virtualization is an additional attack vector. But as these services become very cheap it is very likely that we want to run nodes on servers instead of P2P personal computers, at least for low security applications.
I'm working on a packer.io build script which can be used to deploy bitcoind servers (virtual machine images to be exact). It can be easily adapted to the various providers (or even multi-provider), as this is build into packer.
Recently there was an Digitialocean leakage reported, when you not properly remove droplets (machine images). A few years ago a Linode employee allegedly stole money (haven't investigated the claims but the possibility is always there). For AWS security see:
http://awsmedia.s3.amazonaws.com/pdf/AWS_Security_Whitepaper.pdf But as the largest websites are run on the biggest providers, these should get more safe over time. It would be interesting to think about how cloud servers can be run as safely as possible. It allows people to run full nodes, basically on the click of a button. I would argue this is much better than online wallets.
I highly suggest not storing funds on any online computer