A tweet containing computer code has started propagating itself through Twitter by taking advantage of a security flaw in Twitter’s TweetDeck application. In response, Twitter shut down the application’s access to tweets. The tweet is automatically “retweeted,” or sent out again, when processed by TweetDeck. Twitter, which owns TweetDeck, initially told TweetDeck users to log out and log back in. When that proved ineffective, it shut down the application’s access to tweets.
A flaw in TweetDeck lets users tweet out executable JavaScript code, which can create anything from annoying popups in TweetDeck feeds to ways to an easy way for attackers to hijack your account.
Jill Scharr, Tom’s Guide