Social-networking services provider Sendible says it's uncovered a major flaw in how Facebook works and is cooperating with Facebook to fix the issue. Social-networking services provider Sendible says it’s uncovered a major flaw in how Facebook works and is cooperating with Facebook to fix the issue.Facebook and Twitter flunk security report cardSendible said in a blog post late Tuesday night that it noticed the problem when “one of our users sent an update to a few popular Facebook pages, assuming they would appear to come from his profile. Instead, they posted as if they had come from the page itself.” Sendible adds, “Usually these posts appear as the Facebook user and not as the Facebook page itself.”When Sendible contacted the user, he replied: “I wanted to post only a few facebook walls as a fan — and for some reason, posted as the page Owner. Weird.” TechCrunch yesterday got wind of the problem after the news site received “about a half dozen tips” about Facebook pages “including Google, Coca-Cola, YouTube, South Park, the Daily Show, Team Coco and others are now sending out a malicious link to all of their following that reads ‘Change Your Facebook Background Here!’, adding it would be advised not to click on it.” TechCrunch said those that clicked on the link were directed “to a page outside of Facebook that asks you for information about you,” and reported that the bottom of the page read “Powered by AWeber Email Marketing.” Yesterday, TechCrunch surmised that the Facebook app Sendible — which has a service that lets fans of Facebook pages update multiple pages at once — was “compromised in a major way.” However, Sendible refuted that, saying it has actually “helped discover a security flaw in Facebook’s API.” Sendible said no user accounts were compromised and that it was not hacked.Sendible then said, “To ensure this doesn’t happen again, we’ve agreed with Facebook to remove the feature on Sendible that allows fans of Facebook pages to update multiple pages at once. Facebook has also agreed to release a patch by the end of the day so that no other Facebook applications will be affected.”Sendible did not respond to further requests for clarification, and Facebook did not have immediate comment.Read more about wide area network in Network World’s Wide Area Network section. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe