Three researchers from Rutgers University in Newark, New Jersey, have discovered a simple way to hijack Facebook accounts by misusing existing features and responses of Facebook, Microsoft’s Hotmail web-based email service and its Windows Live Messenger.
Source:
http://www.net-security.org/secworld.php?id=14892