According to a report on CIO.com, the blogger noticed the problem while poking around the application directory to a game he had downloaded on his iPhone. He found that Facebook's mobile app doesn't encrypt login credentials, making it vulnerable to rogue apps and poisoned USB connections.

Facebook told the blogger it was fixing the problem on its end, but he noted that login credentials may still be vulnerable on the gaming apps' end.

This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.