Heartbleed bug can expose private server encryption keys

Four researchers working separately have demonstrated a server’s private encryption key can be obtained using the Heartbleed bug, an attack thought possible but unconfirmed.
Computerworld Malware and Vulnerabilities News