The Twitter website was yesterday widely exploited by users who have stumbled across a flaw which allows messages to pop-up and third-party websites to open in your browser just by moving your mouse over a link.
In a worrying development, messages was also spreading virally exploiting the cross-site-scripting (XSS) vulnerability without the consent of users.
Thousands of Twitter accounts have posted messages exploiting the flaw. Victims include Sarah Brown, wife of the former British Prime Minister.
Source: Sophos
According to Twitter Status the XSS security issue is now identified and patched.
