Apple provides some fantastic images for use as Desktop backgrounds and screensavers, but if you like seeing pretty pictures regularly, you’ll get bored with Apple’s tiny collection. Happily, Mac developers have tapped massive Internet photo sites to give you an inexhaustible set of beautiful photos to dress up your Desktop, screensaver, and browser windows.

Bitdefender Labs has issued a warning about an app called EasyDoc Converter, saying that it’s dangerous malware that could give an attacker complete control of your Mac. EasyDoc Converter was available at the reputable MacUpdate Web site, and testers at Tom’s Guide were able to install it despite Gatekeeper being set to allow apps only from the “Mac App Store and identified developers.” Interestingly, the malware will not install if you have Objective Development Software’s Little Snitch network-monitoring utility installed. Read this as yet another reminder to be extra careful about what you install on your Mac — stick to software from reputable developers.

In ExtraBITS this week, Walmart Pay becomes available at thousands of Walmart stores throughout the United States, we learn why some apps are intentionally slow, the EasyDoc malware targets unsuspecting Mac users, and iOS 10 will help you register for organ donation.

Version 2.90 of the Transmission BitTorrent client came with an unwanted feature: the KeRanger ransomware, which may be the first bona fide ransomware for the Mac. Three days after being installed, KeRanger begins encrypting files, and affected users must pay a ransom of 1 Bitcoin (about $400) to get their files back. Thankfully, Apple and the Transmission developers worked quickly to mitigate the attack. Apple revoked the stolen certificate used by KeRanger, so it will no longer work on Macs protected by Gatekeeper, and the Transmission Project has updated Transmission to 2.92, which automatically removes KeRanger if it’s present. If you have Transmission installed, update it immediately, and if you’ve turned off Gatekeeper for any reason, turn it back on by going to System Preferences > Security & Privacy and selecting Mac App Store and Identified Developers under Allow Apps Downloaded From. And keep good backups!

There’s a poorly worded checkbox buried in the App Store pane of System Preferences that, if you misinterpret the interface, can result in your Mac failing to download critical anti-malware data. Adam Engst unwittingly had it set wrong, and if you do too, read on to learn how to get it right.

In this week’s gathering of the ExtraBITS, the Apple/FBI case continues to simmer, with the UN High Commissioner for Human Rights speaking out in Apple’s favor in its battle with the FBI, the San Bernardino District Attorney saying something unbelievably stupid, and Amazon removing encryption from Fire OS but quickly reversing course in the face of customer outrage. In other news, Kirk McElhearn explains how to slim down iTunes, Serenity Caldwell draws a review of the Apple Pencil, Apple blocks the first case of Mac ransomware, Apple support takes to Twitter, and Backblaze updates us on hard drive reliability.

A vulnerability associated with the Sparkle software updater opens many popular apps open to attack. Josh Centers explains who’s at risk and what to do about it.

XcodeGhost is a new piece of malware that uses modified versions of Xcode to insert malicious code into popular iOS apps. This appears to affect only Chinese apps, because bandwidth limitations in China are what prompted developers to download modified copies of Xcode from unofficial sources, rather than going straight to Apple.

It’s not new, and Apple doesn’t show it much love, but the ubiquitous Services menu can be a productivity powerhouse. Josh Centers explains how to use it and even how to make your own services.

Six months in, the tvOS ecosystem feels a bit empty. “Take Control of Apple TV” author Josh Centers investigates to find out why.

In this chapter we continue by looking at some security settings that require a bit more explanation and thought. That includes a discussion of OS X’s Gatekeeper and sandboxing security features, some basics for using user accounts more securely, and a couple of quick suggestions about sharing files, your screen, and other resources.

In this week’s chapter of the streamed “Take Control of Security for Mac Users,” Joe Kissell explains how to use OS X’s Gatekeeper technology to protect yourself from malicious apps, helps you set up user accounts for optimal security, and looks at how to share resources on your Mac securely.

Want to open your favorite Web apps faster? Adam Engst shares the best way to turn a Web app into a native Mac app via a hidden feature in Google Chrome.