I maintain a fairly large collection of hosted web and server applications, a large portion of them running WordPress, Django, Laravel, and Drupal. I'm aware of the normal channels for tracking new releases, but what is the best way to be in the know about new security issues without spamming an email folder or twitter feed with every CVE?