UPDATE 5/5/2010 1:59AM ET: Facebook issued a statement to TechCrunch acknowledging the bug.
"For a limited period of time, a bug permitted some users’ chat messages and pending friend requests to be made visible to their friends by manipulating the “preview my profile” feature of Facebook privacy settings. When we received reports of the problem, our engineers promptly diagnosed it and temporarily disabled the chat function. We also pushed out a fix to take care of the visible friend requests which is now complete," the site said. Read the full statement on TechCrunch here.
UPDATE 5/5/2010 10:09AM ET: Facebook seems to be on top of the security hole. A notice on Facebook at approximately 10AM ET alerted users that chat was "down for maintenance."
Watch out! TechCrunch reports that a new Facebook security flaw can expose personal information by enabling your Facebook friends to see both your live chats, as well as your pending friend requests.
TechCrunch explains that the exploit is "enabled by they way that Facebook lets you preview your own privacy settings. In other words, a privacy feature contains a flaw that lets others view private information if they are aware of the exploit."
The video below offers a glimpse of the Facebook security flaw in action.
Some users have noted that Facebook chat is down. TechCrunch alerted Facebook to the exploit, and it's possible the social network may be down for maintenance. We'll keep you updated.
Facebook suffered another security glitch earlier this year that exposed users' private email addresses.