Some security patches are for actively exploited vulnerabilities. Others are for theoretical vulnerabilities. In any case, it is always a good idea to keep your website software, whatever it may be, upgraded to the latest version at all times.
Problems due to upgrading are very rare. It is possible to clone your site and test the upgrade. And of course a full backup before doing anything to your site is always recommended.
There is a relatively new add-on for easing the process of upgrading MODX,
UpgradeMODX, as well as the
Updater add-on that can be configured to notify you by email whenever there is a new version available.