Example: Windows XP possibly deserves the label "miserably insecure". You put it on the Internet for a minute unpatched and it's quite likely infected. I have an unpatched XP Virtual machine I use for embedded development. I don't use the Internet on it. I regularly reset the snapshot back to a former state. Is that XP box really "insecure"?
</rant>
I will prefix the rest of this by saying I spoke at the Wireshark conference for its first three years, know many of the core team personally, and have even contributed an (embarrassingly small) patch to the product. So Trevor's message, while well-intentioned, struck a bit of a nerve.
If you didn't read the first link, the main point is that they have been putting an emphasis on finding bugs lately, both through code reviews and automated static analysis. So the fact that you're seeing updates is because the team is driving out the bugs. Most OSS projects don't do this, so the only people looking for bugs are the bad guys.
The kinds of bugs found are often in the protocol dissectors. Unless you ignore the warnings, those all run unprivileged. Our adversary needs to be able to put packets on your network for you to display in Wireshark. We aren't on the same level as putting an unpatched Windows XP box on the open Internet.
So while I agree you should update frequently, unless you are in an environment where you expect people to be actively attacking you, you should not feel the least bit of worry when you run Wireshark, or the least bit of shame for something that might be called "miserably insecure".
If you still like reading, https://research.microsoft.com/en-us/people/mickens/thisworldofours.pdf is actually pretty funny. There are a few themes, but the relevant one is "your security measures depend on your adversary. If the Mossad wants your data, there's nothing you can do. A good password is enough to keep your ex-boyfriend out of your computer though."