You know that little locked padlock next the address of the site you’re visiting? Apparently, it’s intended to be ironic. Researchers say that about two-thirds of all the servers on the Internet are running security software that has a key flaw — a bug called Heartbleed — that could expose your data. Here’s GigaOm’s Mathew Ingram with everything you need to know about the Heartbleed web security flaw.

+ James Fallows shares the five things you need to do about the Heartbleed bug.

+ WSJ: “The bug exploits a problem in certain versions of OpenSSL, a free set of encryption tools used by much of the Internet. OpenSSL is managed by four core European programmers, only one of whom counts it as his full-time job.”

+ How did Heartbleed become the first security bug with a cool logo?