Just a couple things to take care of to make it safer
sudo apt install unattended-upgrades
nano /etc/apt/apt.conf.d/50unattended-upgrades
uncomment the following lines:
"origin=Debian,codename=${distro_codename}-updates";
"origin=Debian,codename=${distro_codename}-proposed-updates";
sudo dpkg-reconfigure --priority=low unattended-upgrades
I'll keep adding stuff to this Page until im satisfied,
but dont expect this to actually make your system 100% safe.. there's never 100%