It seems like nothing is secure those days. I found a post about possible security issues with HTTPS on Firefox and Chrome. The issues is realted to some features enabled by default in those browsers(TLS compression or SPDY) that would allow access to cookies from https sites. In the latest versions of Firefox and Chrome those features were disabled, so update as soon as possible.
Surprising for me it's that this happends to Firefox and Chrome and not to Internet Explorer, but it seems like the fact that they don't implement all the new cool stuff saved them.
Also as webmaster you can protect your users by disabling those features in your webserver.