I discussed this in another mac thread but figured I should make a whole thread to try and raise awareness for fellow mac NS users.
So long story short, there is a critical flaw in the current version of Java in Os10 that was NOT patched by apple in the previous update (for unknown reasons). This is only a vulnerability and there are NOT any exploits at this time. But just a word of warning that OS10 is vulnerable to Java exploits until this is patched (this is a cross platform vulnerability that has already been patched on other platforms). In order to get infected all you would theoretically have to do (again there are no cases of this yet) is load a page/email etc. with bad Java code. You wouldn't have to click anything etc.
The only solution right now is to disable Java in your browser.
How to disable java in safari:
This news has been out for a couple weeks. I didn't bother writing about it because I figured it would be patched soon. But even in the recent update it was NOT patched. So why knows how long until it is patched. So security experts are suggesting disabling Java for the time being.