You're forgetting SQL injection and XSS, to name a few. Wireshark in a
cybercafé pops into mind too plus a gazillion of windows
vulnerabilities.
I'm placing no bets on Whether-or-not-it-was-systemd and find that
discussion moot unless there's any solid details on the hack.
Does Devuan keep up to date with known CVEs in its repositories (for
apache and what not) would qualify as devual-related and relevant.
And i try not to project my a/moral views on others so the fact the
site is about adultery is totally irrelevant to me, from a
computer-security perspective.