Although it is a positive point that WordPress is so popular, the negative side of that is that it is a popular target for malicious antics. This doesnt mean that WordPress is any less secure than any thing else out there, just that it more likely to be attacked.
Make sure you always have the latest WordPress version up to date so that you have the most current security patches. This will not only keep you up to date with all the latest tweaks but also less vulnerable to attacks. This also applies to plugins too. You need to keep these up to date as well.
How To –
When ever there is an update for WordPress a notification is shown at the very top of your dashboard. It will include a link to update but always back up first just in case.
When there is an update for a plugin there will be a little symbol in the top grey bar. It will also have in brackets how many plugins ( and themes) need updating. Clicking on it will take you to the update page and you can update all the plugins in one go.