There's another security flaw on the Web, and this time it's attached to Facebook. It can steal all your personal details saved on Facebook. It's called Covert Redirect. Fortunately, it's not anywhere near as bad as Heartbleed.
Covert Redirect is a sophisticated phishing scheme that Facebook has been aware of for a while.
Let me break it down for you.
There are various sites that try to link to your Facebook account. You've seen those sites, the ones that say "Create a new account" or "Sign in using Facebook" and have a Facebook button. You click the Facebook button and go about your merry way. In fact, to comment on my site, you need to log-in using your Facebook Account.
Now, there are numerous bogus phishing sites that disguise themselves to look like legitimate ones. You've seen phishing before on the Web and in your email.