Brace yourselves: exploit published for serious Magento bug allowing card skimming (Updated)

By Dan Goodin

Magento admins: beware of SQL flaw that requires no authentication.

Attack code was published on Friday that exploits a critical vulnerability in Magento e-commerce platform, all bug guaranteeing it will be used to plant payment card skimmers on sites that have yet to install a recently released patch.

Read more at Ars Technica