A serious flaw in the widely used OpenSSL encryption library was announced on April 7. The flaw has been designated CVE-2014-0160, aka “The Heartbleed Bug.”
We have updated the SSL certificate for this site in response. We are not aware of any compromise, but all users should change their passwords as a precaution.
In addition, if you host a WordPress site, please take the following steps:
1. Read this post by Wordfence,
2. Update your site, and then
3. Change your passwords. (This is especially important for administrators).
Other websites you use are probably also affected. Please check any sites that require a password for you to use them — look for updates or notifications from site administrators.
If you use the Tor Browser Bundle or operate a Tor node, please see this post on the Tor Project blog.
CAUTION: If you receive any unsolicited emails that prompt you to click links to update your password, treat them with extreme suspicion. They might be phishing attempts. Instead, type the URL of the site into your browser and change the password from the site itself.