<https://www.theguardian.com/technology/2018/oct/02/facebook-hack-compromised...> Bugs in certain Facebook features resulted in user tokens being exposed to attackers. Remember the Facebook hack last week that compromised at least 50m accounts? It’s worse than you think. Last Friday, the social media company revealed a vulnerability that allowed attackers to steal automated log-in credentials (or “tokens”). The tokens make it easier for people to log into popular apps and services like Spotify, Pinterest, or Yelp. The flaw, which has been present since July 2017, was discovered last month after Facebook engineers noticed unusual login activity. While the scope of that attack is still being discovered, independent researchers say the damage could extend far beyond Facebook’s borders. [...]