Last Updated: Sept. 21, 10:04 AM ET
Security firm Sophos posted a blog entry early Tuesday highlighting a new and potentially dangerous hack of Twitter's Web interface that's begun to make the rounds. It affects only Twitter.com, not third-party clients.
"Mouseover" hacks are not particularly complicated, and have been
Sophos noted that many Twitter users are playing around with it but that the company hasn't put out an official reaction. Representatives from Twitter were not immediately available for comment.
UPDATE (8:38 a.m. ET): Sophos notes that the exploit is spreading rapidly and that it's now being used to redirect to some hardcore porn sites.
UPDATE (8:51 a.m. ET): The security hole is now being used to "auto-tweet" more mouseover links, and thousands of Twitter users are falling prey to it. For the time being, using a third-party Twitter client may be the safest option.
SS attack identified and patched. 26 seconds ago
UPDATE (9:51 a.m. ET): Twitter says it has identified and is patching the exploit. "We expect the patch to be fully rolled out shortly and will update again when it is," Twitter said on its blog.
UPDATE (10:04 a.m. ET): Twitter says the exploit has been fully patched.