Goodbye Summer, Hello FAIL

It’s the first day of Autumn, and no, I’m not planning on a tweet about it…

Anyone checking this morning was probably greeted with a mess of JavaScript, mouseover effects, and spam retweets, after a flaw in the site’s handling of hyperlinks allowed attackers to inject scripts into Twitter’s pages. The mere act of visiting the site with scripting enabled was sufficient to cause exploitation. Payloads ranged from the harmless—tweets with a black background—to the more malicious—redirection to porn sites.

I’ll just stick to blogging for now.

Leave a Reply

Your email address will not be published. Required fields are marked *