The attackers exploited the security vulnerability in OpenSSL running in the client’s SSL VPN concentrator to remotely access active sessions. Researchers guessed heartbleed had infected two-thirds of all Web servers, and researchers at Sucuri reported Friday that just 2 percent of the top 1 million websites on the Internet remain…