October 23, 2016

OnMouseOver XSS plagues Twitter

A new wave of Twitter attacks which make use of an XSS vulnerability in Twitter’s web client is causing trouble for users of the micro-blogging service. The injected script code is able to read the user’s Twitter cookie and authentication data. First assessments indicate that the vulnerability can be used to create a worm that spreads automatically.

Read the full story here.