Advertisement

Twitter turns off Tweetdeck to 'assess' JavaScript security breach (update: it's back)

If you're a Tweetdeck user and can't login right now -- there's a reason. The service's webapp contained a vulnerability that let it run scripts embedded in tweets; just reading a tweet could cause a popup to appear on your screen, redirect you to another website, hijack your account or even cause you to retweet something without knowing. Since Tweetdeck is used by many of the social media managers for widely-followed accounts, a flaw that spreads itself could quickly replicate across the service.The official Tweetdeck account claimed the vulnerability was fixed earlier, but that doesn't appear to have worked, and as a result, Twitter has taken the service down "to assess today's earlier security issue." Even though you can't login right now, it would probably be a good idea to revoke the service's access to your account entirely until things are resolved.

Update: Tweetdeck says it's verified a security fix and turned the service back on -- who wants to be the first to confirm if it's actually safe?

[Image credit: Simon Dawson/Bloomberg via Getty Images]