Because of my own personal horror stories of waking up to finding high priority linux servers broken, due to nightly automated updates, I now prevent automatic updates on my servers. I only do manual security updates. In addition to implementing modern security techniques for our network. That is just my personal belief system. It's worked for the past 25 years.
The only time we ever got hacked, was because of some stupid php scripts that our developers had put online, or because people's passwords had become leaked. And some of those situations were nightmares also. In two case of which, happened while I was away on vacation, and I had to fix everything remotely. But that was never due to updates.
I probably shouldn't express my opinion. But I have a lot of empathy for the guy who discovered his mailman broken due to upgraded Python. Which triggered my nightmares.
But it's great though to have a very responsive community here, to bring people back from the dead. - Mark