Facebook Messenger bug made it possible for hackers to see who you have been chatting with

A security researcher has revealed details of a flaw in Facebook Messenger that made it possible for “any website to expose who you have been messaging with.” Imperva’s Ron Masas, who in the past has identified a bug that allowed unauthorised websites to view Facebook users’ location histories, likes and interests, discovered the flaw in the web version of Facebook Messenger. Masas discovered a way of exploiting the Messenger website’s use of iFrames to determine who users had been chatting with.

Read full news article on Graham Cluley