Wordpress - Subscribe to email for security fixes?

I know this is an old question, but it's worth adding contemporary information.

There's a security announcement list provided for free by a company called WordFence. They send out relevant information on insecure extensions. Head to their website, and you'll see a signup field (currently it's at the bottom of their site).

That company also makes a plugin called WordFence (free and paid versions available) which has a large number of security features for your website. When you install that plugin, your site becomes part of the greater WordFence network which determines common attack patterns through crowd-sourcing. So your site is protected if someone else's WordPress site is attacked.

I also recommend regularly checking the WPScan Vulnerability Database site managed by a team of security testers. It's essentially a database of known WordPress core, plugin and theme vulnerabilities.

There is a plug-in that will send you an email whenever an update becomes available (security updates and otherwise). This will be one of the easiest ways to get notified via email:

• Update Notifier

Alternatively, there are usually emails on the WP-Testers email list immediately following an update. You can always subscribe to that to see both when updates are ready and when users find exotic bugs that might affect your system.

Finally, the core team is fairly consistent in blogging about security patches on the WordPress Development Updates site. And, conveniently, the site offers email updates :-)

So there are three different options ... hopefully one will work for you.