http://www.forbes.com/sites/jameslyne/2014/04/08/heartbeat-heartbleed-bug-breaks-worldwide-internet-security-again-and-yahoo/
http://www.businessinsider.com/heartbleed-bug-explainer-2014-4
Addition: Here is a list of sites listed by Steve Dyer, head of Woodbury University's IT department-
1. Google.com: Not vulnerable.
2. Facebook.com: Not vulnerable.
3. YouTube.com: Not vulnerable.
4. Amazon.com: Not vulnerable.
5.
Yahoo.com: Was vulnerable. Yahoo Mail was vulnerable to attack but has
since announced that it has been patched, along with other main Yahoo
sites such as Yahoo Search, Finance, Sports, Flickr and Tumblr.
6. Wikipedia.org: Not vulnerable.
7. LinkedIn.com: No SSL.
8. eBay.com: No SSL.9. Twitter.com: Not vulnerable.
10. Craigslist.org: Not vulnerable.
11. Bing.com: No SSL.
12. Pinterest.com: Not vulnerable.
13. Blogspot.com: Not vulnerable.
14. Go.com: Not vulnerable.
15. CNN.com: No SSL.
16. Live.com: No SSL.
17. PayPal.com: Not vulnerable.
18. Instagram.com: Not vulnerable.
19. Tumblr.com: Was vulnerable. Tumblr was vulnerable to attack, but Yahoo has since announced that it has been patched.
20. ESPN.go.com: Not vulnerable.
21. WordPress.com: Not vulnerable.
22. Imgur.com: Not vulnerable.
23. HuffingtonPost.com: No SSL.
24. reddit.com: Not vulnerable.
25. MSN.com: No SSL.