Twitter worms spread quickly thanks to blatant security flaw
Anyone checking twitter.com this morning was probably greeted with a mess of JavaScript, mouseover effects, and spam retweets, after a flaw in the site's handling of hyperlinks allowed attackers to inject scripts into Twitter's pages. The mere act of visiting the site with scripting enabled was sufficient to cause exploitation. Payloads ranged from the harmless—tweets with a black background—to the more malicious—redirection to porn sites.