Too many Linux users seem to have this assumption that their OS is immune from security issues. This is worrying. I have to manage a mixed fleet of machines and at least I know when and where to look for MS updates.
By far the worst security flaw I have seen in the last few years is the issue on Citrix ADC/NetScaler reported in December. It is the only flaw I have seen actively exploited recently. A clients appliance was hit over the weekend as we were still waiting for approval to apply the mitigation. This happened almost as soon as exploit code was made public. Although not Linux it is Apache running on FreeBSD, another supposedly secure FOSS combination.
No matter which OS you run, if you don't patch you are in danger of being compromised. Sticking your fingers in your ears and going "LA LA LA Linux" is a poor way of managing machines.