Dan Goodin / Ars Technica:

A newly published exploit for a Magento vulnerability that can be used with no authentication required puts hundreds of thousands of e-commerce sites at risk  —  Magento admins: beware of SQL flaw that requires no authentication.  —  Attack code was published on Friday that exploits …

A newly published exploit for a Magento vulnerability that can be used with no authentication required puts hundreds of thousands of e-commerce sites at risk (Dan Goodin/Ars Technica)
Source: Tech Meme