Latest in Javascript

Image credit:

Twitter turns off Tweetdeck to 'assess' JavaScript security breach (update: it's back)

Richard Lawler, @Rjcc
June 11, 2014
Share
Tweet
Share

Sponsored Links

If you're a Tweetdeck user and can't login right now -- there's a reason. The service's webapp contained a vulnerability that let it run scripts embedded in tweets; just reading a tweet could cause a popup to appear on your screen, redirect you to another website, hijack your account or even cause you to retweet something without knowing. Since Tweetdeck is used by many of the social media managers for widely-followed accounts, a flaw that spreads itself could quickly replicate across the service.The official Tweetdeck account claimed the vulnerability was fixed earlier, but that doesn't appear to have worked, and as a result, Twitter has taken the service down "to assess today's earlier security issue." Even though you can't login right now, it would probably be a good idea to revoke the service's access to your account entirely until things are resolved.

Update: Tweetdeck says it's verified a security fix and turned the service back on -- who wants to be the first to confirm if it's actually safe?

[Image credit: Simon Dawson/Bloomberg via Getty Images]

In this article: javascript, security, tweetdeck, twitter, xss
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Engadget's 2020 Back-to-School Guide

Engadget's 2020 Back-to-School Guide

View
Netflix confirms it's adding playback speed controls to its Android app

Netflix confirms it's adding playback speed controls to its Android app

View
These AI-generated tennis matches are both eerie and impressive

These AI-generated tennis matches are both eerie and impressive

View
Facebook forms financial group to focus on payments

Facebook forms financial group to focus on payments

View
Space Force official logo and motto unveiled

Space Force official logo and motto unveiled

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr