Earlier this week the Heartbleed bug was detected and exposed. The bug, which appears to have existed for around 2 years, is a vulnerability in OpenSSL which could allow a hacker to eavesdrop on web, email and VPN connections.
The vulnerability mainly affects servers, however Juniper and Cisco have issued a list of network products which may also be vulnerable and require patching.
Around 500,000 servers are vulnerable to Heartbleed; many large sites have patched their systems, however the majority remain vulnerable.
Users should first check to see if they have visited any sites which are vulnerable to the bug and whether they have taken any action to fix it. Passwords should be changed and, if you think you could be vulnerable, testing carried out.