"FREAK Attack" is an SSL/TLS vulnerability disclosed by researchers on March 3, 2015 that can be exploited to force browsers into a weaker encryption state.
Attackers can theoretically use FREAK Attack to intercept what should be a secure HTTPS connection ? the one with the lock icon in the address bar ? and downgrade the encryption to "export-grade", which is much easier to crack. Safari, both on OS X and iOS, among other browsers, can be susceptible to FREAK Attacks, but Apple is aware of the exploit and moving swiftly to patch it:
"We have a fix in iOS and OS X," an Apple spokesperson told iMore, "that will be available in software updates next week."
Full story from the iMore Blog...