Hacker Nir Goldshlager discovered a major privacy flaw in Facebook’s OAuth system. Nir gained access to virtually anyone’s entire Facebook account. The worst part? The victim wouldn’t even need to click “allow” so they were expunged from the process entirely. Facebook has already corrected the problem, but this is unsettling, nonetheless. This most recent revelation only makes Facebook’s incomprehensibly complex privacy rules that much more menacing for the inevitable holes we still have yet to find.”]
Source: https://gizmodo.com/a-facebook-privacy-flaw-gave-a-hacker-access-to-every-s-5986710