Security hole on Twitter.com exploited, links forced on mouseover
Though Twitter recently launched a newly redesigned site, users of the popular microblog are advised to use only third-party Twitter clients Tuesday morning to avoid a newly-exploited security hole.
The "worm" variety of this exploit launches a modal overlay that turns the entire browser screen into an onMouseOver field, which then retweets the malicious message when the user touches any part of the browser screen with his mouse pointer.
Though the current exploits are still mostly harmless in nature, this hole can easily be used to redirect Twitter users to sites containing malware.
UPDATE: At 9:50 AM EST, the Twitter status blog claimed that the cross-site scripting exploit was fully patched.