Any online e-commerce businesses that use the content management system (CMS), Magento, are being told to upgrade to latest patched version as soon as possible to protect against a number of vulnerabilities. It has been reported that most of the flaws could only be abused by authenticated users, although one particular vulnerability could be exploited remotely by unauthenticated attackers.
The new version of the software will address the 37 security threats that have been discovered. The National Cyber Security Centre (NCSC) advocates the importance of patching CMSs, as well as general system vulnerability management, to help protect against hackers exploiting vulnerabilities in the software.
It is advisable to turn on automatic software updates to help remain protected.
https://www.ncsc.gov.uk/report/weekly-threat-report-29th-march-2019