start by reading hackernews or similar, and search up the malware they talk about to see what security companies say about them. :P
a big ransomware thats been out recently apparently bought access to various corporate networks for example. Things like this should tell you a lot. Forget about being the elite basement nerd who hacks into the government servers, executes some keybound scripts, and has the system taken over using three 0days. Most non-fed shit revolves around phishing, scanning + bots, scamming kids into downloading ur malware, learning existing tools and frameworks, and applying old hacks to existing vulnerabilities.
Also a lot of og hacker shit, much of it was just focused on security and hosting services… i.e. how to make a computer/networks work for me
. So first learn that shit. Then learn common tools and software. Idk if this is a good answer, but its something i wish people had told me directly. Part is writing code and reverse engineering, but lots of the more practical shit is less technical.
(also ur sass to other posters isnt warranted - learning computer shit is like 90% researching what others know and have documented, if you cant just look around for answers and want it fed to you then you probably really wont learn much)