The real security advice is: keep up to date with security patches. Staying up to date just because is not good advice.

Gentoo has a nice system, "Gentoo Linux Security Advisories", where you can periodically run a program called glsa-check which lets you know if you have packages installed that have security problems, what the problems are, and points to more info (like CVEs). You can even have it upgrade stuff on its own if you don't want to think about it. Something like this would be a nice feature for browser extensions.