The Heartbleed Open-SSL flaw remains unpatched on nearly 200,000 servers and devices, according to connected devices search engine Shodan. The company’s Heartbleed Report was released over the weekend, and shows 52,000 Apache HTTPD servers are still vulnerable and exposed to the internet, nearly three years after the vulnerability was disclosed and fixes released in April 2014.