Researchers have discovered how hackers can manipulate point-of-sale systems to give themselves steep discounts on purchases and steal items outright. All the hacker has to do is upload a new configuration file to the SAP Xpress server, which controls the checkout machines, to access administrative functions. That access lets hackers change prices, set discounts, or take other malicious actions against retail systems.

Read the full story here.