UPDATE: I have made a single page information site to help end users who may need some clarity.
Yesterday, a security vulnerability in Open SSL was made public.
There is more information here: http://heartbleed.com
That is quite a technical resource, so feel free to browse the more friendly versions here:
Approximately 2/3rds of the internet is affected (here’s a list of big providers: https://github.com/musalbas/heartbleed-masstest/blob/master/top1000.txt) and there is a huge amount of interest in the story, with the BBC carrying it on their homepage today (linked above). You will likely see this pop up across many sites you log into very soon.
In essence, it is possible for an attacker to eavesdrop on passwords being sent by users to login to their accounts due to a bug in the encryption software.
If you use the internet, it’s worth resetting your passwords immediately. The implications of this vulnerability are huge - sites you though you were signing in to securely may not have been.