Market admins are advised to upgrade to version 3.4.5 if your backend uses Joomla.
Trustwave SpiderLabs researcher Asaf Orpani has discovered an SQL injection vulnerability in versions 3.2 through 3.4.4 of Joomla, a popular open-source Content Management System (CMS). Combining that vulnerability with other security weaknesses, our Trustwave SpiderLabs researchers are able to gain full administrative access to any vulnerable Joomla site.
If market admins wait to see new vulnerabilities posted on /r/DNM before they patch they are almost certainly hacked already.