Here is an interesting blog on how Symantec exposed a security hole at Facebook, where the Facebook applications is accidentally leaking access to 3rd Parties.