Facebook was victim of a watering hole attack, involving a popular mobile developer Web forum, aka www.iphonedevsdk.com. The attack was using a Java 0day that has been urgently patched, in Oracle Java CPU of first February, by version 7 update 11 and version 6 update 39. Hundreds of companies were affected by the attack, including defense contractors. Apple had blacklisted Java plug-in, a second time in a month, the 31 January, through an update to Xprotect, the Mac OS X anti-malware system.”]

