News of the moment is the deadly sounding HEARTBLEED SECURITY FLAW
The flaw, dubbed "Heartbleed", could reveal anything which is currently being processed by a web server – including our sensitive secure information being used inside the site. Heartbleed's technical name is 'the CVE-2014-0160 exploit' which exposes vulnerabilities in the popular OpenSSL server software potentially allowing the memory of SSL/TLS encrypted web servers to be compromised. The bug essentially gives the bad guys the ability to read encrypted information such as usernames, passwords, credit card numbers and any other sensitive data. The bug exists in a piece of open source software called OpenSSL, which is meant to securely encrypt communications between a user's computer and a web server. But security researchers have no way to prove whether or not the flaw, which has existed since at least March 2012, has been exploited.