New SSL/TLS flaw leaves Safari vulnerable to man-in-the-middle attack, Apple promises fix
A newly-discovered flaw in some implementations of cryptographic protocols SSL and TLS — including those used by Apple's Safari and Google's Android AOSP browsers — could allow an attacker to force clients to use older, weaker encryption that would make it significantly easier to intercept secure communications.