Here we go again:
- Has HTTPS been broken?
- Has HTTP finally been cracked?
- Potential weakness in SSL/TLS security downplayed by certificate group
The answer is firmly: NO.
What the articles really mean is
HTTPS using RC4 is weak, but we have known that for years. Some research has found a particular good way of breaking RC4, so it is worse than ever. Please use a widely available stronger symmetric algorithm.
But I guess that does not make a good headline, so I guess we have to live with the hype.