Ok, I have deepened the problem and the vulnerability seem to be a server-side issue, and is addressed by disabling SSL 3 at the server end (that is Paypal's end). No action is required from the client-side like NBStore, and as long as the client is capable of connecting using TLS everything will work just as it always has.
You can check that everything will work OK running a test with their sandbox environment, which already has SSL 3 disabled.
You can check that everything will work OK running a test with their sandbox environment, which already has SSL 3 disabled.