Goodbye Summer, Hello FAIL

September 21, 2010February 15, 2021

It’s the first day of Autumn, and no, I’m not planning on a tweet about it…

Anyone checking twitter.com this morning was probably greeted with a mess of JavaScript, mouseover effects, and spam retweets, after a flaw in the site’s handling of hyperlinks allowed attackers to inject scripts into Twitter’s pages. The mere act of visiting the site with scripting enabled was sufficient to cause exploitation. Payloads ranged from the harmless—tweets with a black background—to the more malicious—redirection to porn sites.

I’ll just stick to blogging for now.

Leave a Reply Cancel reply