I run an older model Macbook Pro, a local LAMP stack for development (managed by Homebrew) and always keep things up to date.
I had port 80 open to incoming traffic to enable testing of a webhook setup I am developing which it appears someone has used to compromise skype and firefox (or just able to open tabs on the default browser) on my machine.
I had browser tabs open with a google search of the last line of many of my skype conversations, and some .
I can't see a whole lot in the apache logs from when the attack was executed so Im concerned that malware has somehow been installed.
Where would I start looking to ensure my machine is no longer compromised (other than heavily restricting incoming requests over port 80) ?