Social media companies Facebook Inc, Alphabet Inc and Twitter Inc will have to amend their terms of service for European users within a month or face the risk of fines, a European Commission official said on Friday. U.S. technology companies have faced tight scrutiny in Europe for the way they do business, from privacy to how quickly they remove illegal or threatening content.

The Commission and European consumer protection authorities will "take action to make sure social media companies comply with EU consumer rules," the official said. Germany, the most populous EU state, said this week it planned a new law calling for social networks such as Facebook to remove slanderous or threatening online postings quickly or face fines of up to 50 million euros ($53 million).

A hacker in Belgium claims he has found a serious security flaw that enables attackers to learn Facebook users' personal phone numbers, and he is now threatening to release details of the exploit unless the social network agrees to listen to him and patch the vulnerability.

Hacker is a creative developer for a Belgian public broadcaster who also moonlights as a white hat hacker. He has been discovering and reporting security vulnerabilities since the age of 16, and has worked with Facebook to report critical flaws since 2013. He has also found a total of 137 vulnerabilities for the bug bounty platform HackerOne.

Christmas came early for Facebook bug bounty hunter Tommy DeVoss who was paid $5,000 this week for discovering a security vulnerability that allowed him to view the private email addresses of any Facebook user.

“The hack allowed me to harvest as many email addresses as I wanted from anybody on Facebook,” DeVoss said. “It didn’t matter how private you thought your email address was – I could of grabbed it.” DeVoss said he discovered the vulnerability and reported it to Facebook via its bug bounty program. After weeks of going back and forth verifying what the exact bug was and how it was exploited, Facebook said it would award him $5,000 for the discovery.

Requests by governments around the world for Facebook account data went up 27 percent in the first half of 2016 compared to the latter half of 2015, the social media giant said.

More than half of requests that came from US law enforcement "contained a non-disclosure order that prohibited us from notifying the user," Facebook said. The number of requests for content restriction, or "the number of items restricted for violating local law," went down by 87 percent. Facebook said the attacks in Paris in November 2015 increased the number of content restrictions in the latter half of last year.

A security researcher has discovered a critical vulnerability in Facebook Messenger that could allow an attacker to read all your private conversation, affecting the privacy of around 1 Billion users.

The researcher reported a cross-origin bypass-attack against Facebook which allows an attacker to access your private messages, photos as well as attachments sent on the Facebook chat. To exploit this vulnerability, all an attacker need is to trick a victim into visiting a malicious website; that’s all. Once clicked, all private conversations by the victim would be accessible to the attacker, because the flaw affected both the web chat as well as the mobile application.

A low-tech but cunning malware program is worrying security researchers after it started spreading rapidly in the past week through a new attack vector: by forcibly exploiting vulnerabilities in Facebook and LinkedIn. According to the Israeli security firm Check Point, security flaws in the two social networks allow a maliciously coded image file to download itself to a user's computer.

Users who notice the download, and who then access the file, cause malicious code to install Locky ransomware onto their computers. Locky has been around since early this year, and works by encrypting victims' files and demands a payment of around half a bitcoin (currently £294; $365) for the key.

If you came across any Facebook Message with an image file send by any of your Facebook friends, just avoid clicking it. An ongoing Facebook spam campaign is spreading malware downloader among Facebook users by taking advantage of innocent-looking SVG image file to infect computers.

If clicked, the file would eventually infect your PC with the nasty Locky Ransomware, a family of malware that has quickly become one of the favorite tools among criminals due to its infecting capabilities. The attack campaign uses Facebook Messenger to spread a malware downloader called Nemucod that takes the form of .SVG image files. Why SVG file?

Facebook is reportedly buying stolen passwords that hackers are selling on the underground black market in an effort to keep its users' accounts safe.

On the one hand, we just came to know that Yahoo did not inform its users of the recently disclosed major 2014 hacking incident that exposed half a billion user accounts even after being aware of the hack in 2014. On the other hand, Facebook takes every single measure to protect its users' security even after the company managed to avoid any kind of security scandal, data breach or hacks that have recently affected top notch companies. Facebook provides you a whole bunch of tools to tighten up the security of your account.

A hacking group has claimed credit for targeting Facebook Chief Executive Mark Zuckerberg's online accounts -- for the second time this year. On Tuesday, a hacking group known as OurMine emailed me to say they had targeted Zuckerberg's Pinterest account, which was defaced with a new tagline and the group's web address.

His Pinterest bio temporarily said, "Don't worry, we are just testing your security." By the time we published, the defacement had been removed. But the group would not say, when asked, how it carried out the hack -- but it did say that it wasn't through leaked databases. When pressed, the group said that it has "a exploit on Pinterest" but didn't say how.

European Union privacy chiefs said Facebook Inc. must stop processing user data from its WhatsApp messaging service while they are investigating the privacy policy changes the company announced in August.

The Article 29 Working Party, made up of privacy chiefs from across the 28-nation EU, told Facebook it had “serious concerns” about the sharing of WhatsApp users’ data for purposes that were not included in the terms of service and privacy policy when existing users signed up to the service. European privacy watchdogs don’t shy away from targeting big US technology firms, as previous probes into Facebook, Alphabet Inc.’s Google or Microsoft Corp. have shown.