tweetdeck

TweetDeck patches XSS vulnerability after rampant pop-up spam

If you saw strange pop-up messages in TweetDeck this morning, you weren’t alone. It wasn’t the work of the Syrian Electronic Army, just some relatively harmless XSS exploitation.

The vulnerability allowed hackers to remotely execute code, specifically in TweetDeck’s Chrome app, though the exploit was spotted in other TweetDeck versions. (The Mac app was reportedly not affected.)

Some 40,000 Twitter accounts also unwittingly retweeted a string of code from a My Little Pony account, thought to be the result of the same vulnerability.

TweetDeck parent Twitter hasn’t said what the issue was, but shortly after the pop-ups started spreading like wildfire, TweetDeck announced the vulnerability had been patched. Many Twitter users also use TweetDeck to schedule and manage posts for multiple accounts.

After you log out of TweetDeck, make sure to clear your cache and delete any accidental retweets that may have hit your account.

Subscribe to the Daily Downloads Newsletter

Comments