Heartbleed
Websites such as Google and Facebook have implemented fixes for the flaw, but security researchers still suggest users change their passwords. Heartbleed.com

Update 5:22: NSA officials have denied that the agency knew about the Heartbleed bug before the general public learned of its existence.

5:00: Officials at the National Security Agency may have known about and exploited a critical Internet security flaw, known as the Heartbleed bug, for at least two years, according to Bloomberg News, and Internet users around the world are outraged by the report.

The NSA learned about the security flaw almost as soon as it was introduced, and it kept its knowledge of the Heartbleed bug secret to exploit the flaw for national security purposes and interests, including obtaining passwords and other data, Bloomberg said. That left computers, servers and Internet users exposed to attacks from others who may have known about the security flaw, such as hackers and intelligence agencies from other countries. The Heartbleed bug reportedly gave the NSA access to nearly two-thirds of the world’s servers.

Many Internet users around the world spoke out against the NSA after reports that the intelligence agency, which was established to protect America's national security, left a major security flaw intact to further its surveillance goals. Many people view the NSA in a suspicious light after former agency contractor Edward Snowden revealed that it collected ordinary Americans' phone call metadata, causing them to assume the worst about the organization. Some, like MSNBC host Christopher Hayes, have even speculated that the NSA could have engineered Heartbleed, the SSL vulnerability that left many Americans in danger of identity theft.