In Heartbleed’s wake, let’s not forget many open-source apps remain vulnerable to attacks

The wounds caused by Heartbleed remain at the front of many minds, just a few weeks after a bug in the OpenSSL cryptographic library threatened to throw the world’s Internet population under the bus.

The flaw could have allowed hackers to reveal contents of secured communications — such as passwords and credit card transactions. But to make matters worse, the fears around the flaw were only compounded when another separate vulnerability was found, this time in OAuth and OpenID, a few weeks later.