Attackers exploited vulnerabilities in Facebook's code to gain access to at least 50 million Facebook user accounts. Those accounts could have been used for information gathering campaigns, as attackers had full access to the user's profile, friends list, and usage history.
Facebook is expanding its bug bounty program to third-party apps and websites that might expose user tokens improperly.
The two dominant social media platforms are changing the way they verify users in an effort to fight foreign influence operations.
Facebook has given academic researchers more than $800,000 to pursue proposals for new defensive techniques.
TLS 1.3 has been approved, and Facebook has open sourced Fizz, a TLS 1.3 library, to help developers and server operators deploy TLS 1.3 for their mobile apps, services, and appliances such as load balancers