A flaw in software has left millions of web users vulnerable.
The bug called "Heartbleed", and it is capable of scanning all the contents from a server's memory, including your saved passwords and private information.
Who Is At Risk:
The bug is vulnerable in Open SSL encryption software that is used by a large number of web applications.
An attacker get copies of a server's digital keys then use that to impersonate servers or decrypt communication.
Popular social sites, hobby sites, commerce sites and even government sights might be using vulnerable OpenSSL.
The bug could read everything on you do on these sites from your bank username passwords, emails, instant messages and just about action you perform on the web.
What Can You Do?:
Cnet.com published an article that linked to a tool that lets people check websites they frequent for heart bleed vulnerability. It was created by developer and cryptography consultant Filippo Valsorda.
According to cnet.com the tool showed Google, Microsoft, Twitter, Facebook, Dropbox were unaffected.
Yahoo showed vulnerability but is working to fix the problem.
You can read more about the bug and how to fix it if you have your own website by visiting Heartbleed Bug Blog.