Private encryption keys have been successfully extracted multiple times from a virtual private network server running the widely used OpenVPN application with a vulnerable version of OpenSSL, adding yet more urgency to the call for operators to fully protect their systems against the catastrophic Heartbleed bug.

via Confirmed: Nasty Heartbleed bug exposes OpenVPN private keys, too | Ars Technica.