This OpenSSL flaw allowed attackers to silently extract up to 64 kilobytes of raw server memory per request, completely bypassing normal security protocols.

Compromising these primary keys was especially devastating because it allowed attackers to decrypt both past and future internet traffic that was meant to be secure.

The researchers who discovered the flaw created a distinctive bleeding heart graphic, making it one of the first heavily branded software bugs to reach the mainstream public.

Attackers send a tiny message but claim it is larger. The server blindly trusts this size claim and responds by padding the return message with adjacent, sensitive memory.

OpenSSL is an open-source cryptography library used by millions of websites to secure communications over computer networks, which made the Heartbleed bug extremely widespread.

Heartbleed gets its name because it specifically exploits a vulnerability in the Transport Layer Security (TLS) heartbeat extension, which normally keeps connections alive.

The Heartbleed bug tricks a server into transmitting up to 64 kilobytes of its own private memory, exposing sensitive data like passwords and private keys.

Heartbleed was one of the very first software bugs to be marketed to the public with its own dedicated branding, featuring a distinct bleeding heart logo and an informational website.

The Heartbleed bug exploits the TLS "heartbeat" extension, which was originally intended to keep secure web connections open even when idle.

Heartbleed tricks a server into reading out portions of its own memory, which often contains highly sensitive data like encryption keys and raw passwords.