so don't even know where to start to try and get my money back, if I can,
You can't. Bitcoin transactions are final once confirmed.
and how to prevent whatever has happened from happening again.
Update your software.
How do you know that you were a victim of that vulnerability? Was your wallet encrypted? If so, you were not a victim of that vulnerability. Did you have your web browser open to random, unknown, and possibly malicious sites? If not, then you were not a victim of that vulnerability. Just because there was a vulnerability does not mean that you were automatically a victim of it. It is also possible you just have malware on your computer and that is stealing your money, in which case you will need to remove said malware.
Suppose a person had the software 2.7.12 installed. Is there any method to go back and verify it? I assume the answer is NO because the signature and verification routines always refer to the downloaded installation DMG, not the installed product in the applications direction.
I'm asking this question as a Mac user, but the question as posed is vital to both PC and Mac.