Facebook was the first company to admit publicly to have been affected by the recent watering hole attack that started with a compromised forum site popular with mobile developers.
If you get an email sent by "Mark Zurckerberg", saying your Facebook account might be permanently suspended because of violations of the social network's Terms of Service, fight the urge to follow the offered link for "account verification." The message is bogus, and the link will take you to a fake Facebook login web page set up for harvesting login credentials.
A flaw in Facebook's OAuth system that allows the communication between applications and users has enabled web application security specialist Nir Goldshlager to gain full control of any Facebook account.
Chrome users, beware of an extension by the name of "Business Flash Player".
"Being" on Facebook brings its own set of dangers, and among them is inadvertently downloading malware by clicking on links posted by your own "friends".
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.