Computer-security expert Bruce Schneier has weighed in on Heartbleed, the security flaw that opens up much of the Web to hacks.
In a post on his blog, Schneier calls Heartbleed a "catastrophic" attack that
could allow hackers to easily grab usernames and passwords. 
"On a scale of 1 to 10, this is an 11," he writes.
Heartbleed is a flaw in OpenSSL, or the standard encryption many sites and online
services use to keep your username and password encrypted. In theory, a hacker
can use the Heartbleed flaw to access passwords, encrypted communications such
as instant messages, and credit-card information.
Schneier speculates that someone could have intentionally added the Heartbleed bug
to OpenSSL, but it's more likely the case that it got in there by accident.