A serious vulnerability in the popular Joomla extension VirtueMart was discovered by the awesome people at Sucuri during one of their regular security audits. It allows regular users to gain Super Administrator privileges to a Joomla website with VirtueMart 2.6.8c and below installed on it. If a site with an older version of VirtueMart allows user registration (which is a default mode in VirtueMart) it can be hacked through this vulnerability.
Our security team has acted immediately and we've added the necessary rules to our in-house application layer firewall in order to protect our customers. VirtueMart developers have been super fast too - a new version that fixes the bug is already released. Although we got you shielded, we strongly recommend that you upgrade VirtueMart to its latest version!