Apparently some new variations of Meltdown were discovered to work on Ryzen and there are new Spectre variants all the time. Realistically neither AMD or Intel is really secure from side-channel attacks. AMD has less market share and their architecture is newer and not as well understood, so it's taking longer for their vulnerabilities to come out, but the genie is out of the bottle now and you have everyone looking for ways to breach security through speculative execution and memory management flaws. Since nobody wants to take the massive performance hit from disabling speculative execution entirely, these problems are unlikely ever going to be fully fixed.
For typical desktop use the mitigation patches have had little impact performance wise. These are a combination of Windows Updates and CPU microcode updates usually delivered through BIOS updates. The big performance hits that these patches cause mostly effect server workloads eg. databases and virtualization far more than desktop workloads eg. web browsing, games, video encoding and so on.
Bottom line is, that Spectre and Meltdown probably shouldn't be the primary factor in deciding whether to get an Intel or AMD CPU.