Hackers have sent out an email with a fake security patch containing malware to Magento sites. If you receive an email with patch SUPEE-9789 DO NOT OPEN IT! The patch is fake and is a threat to your site.
Magento never sends patches via email, and any email claiming to be from Magento containing a security patch should be ignored. To secure your site, safely download Magento patches from Magento.com or reach out to your developers for help.
To stay on top of your sites’ security, sign up to the 121ecommerce’s newsletter.