Attack dubbed CRIME breaks crypto used to prevent snooping of sensitive data.
Researchers have identified a security weakness that allows them to hijack web browser sessions even when they're protected by the HTTPS encryption that banks and e-commerce sites use to prevent snooping on sensitive transactions.
Read more:
http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/