The social media darling Twitter has been hacked according to authorities. The popular site has been dealing with this problem for the past two days. Tweets are being activated without actually being clicked.
CNET stated that the security firm Sophos warned users about the vulnerability in a post early Tuesday, Sept. 20.
According to Mashable, the bug redirects users to third-party Web sites without their consent. Described as a “mouseover security flaw,” it is suspected of affecting millions of users.
Georg Wicherski from Kaspersky Labs states that “there is an actively exploited XSS vulnerability on Twitter. From my first preliminary analysis, you’ll have to hover over a link to activate it and so far I have just seen some proof of concepts from people I follow. However, this vulnerability looks at least semi-wormable, so better turn JavaScript off on Twitter for now.” –torrance stephens, ph.d.
