Use the 3-2-1 backup rule to protect your LastPass data.
MacUpdate has been caught again repackaging legitimate software with malicious payloads.
Adobe plans to patch this next week. I recommend removing Flash from your system entirely.
The plugin downloads malicious code, hijacks your admin account and grants the plugin author full access to your WordPress site.
This malware attacks your website, then converts your electric bill and CPU cycles directly into cash. Secure web hosting is a full-time job. It's constant learning curve adapting to new attacks. From the article at wordfence.com: To summarize, the attacker is leveraging sophisticated malware to control compromised WordPress servers remotely. The servers are being used to both attack other WordPress sites and to mine for Monero, a cryptocurrency that can be efficiently mined using web server hardware. We discovered evidence showing that the attacker has earned almost $100,000 from mining already, and likely quite a lot more.