An SSL attack that was once deamed improbable became very real when a Turkish grad student invented an attack on Twitter that would sneak login data from an encrypted connection.
The attack suggests that SSL 3.0+ and TLS 1.0+ protocols susceptible to a man-in-the-middle injection of a simple text prefix into an encrypted data connection.
In essence, the attack was comprised of an injection that that gave instructions to Twitter to offload the web request as a Twitter message after it had been decrypted.