Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror

Submission Summary: 0 pending, 1 declined, 0 accepted (1 total, 0.00% accepted)

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

+ - Cross-Site Scripting Attack hits Twitter->

Submitted by RJHelms
RJHelms (1554807) writes "As those of you who use Twitter may have notices, the social media site appears to have been hit with cross-site scripting attacks this morning. From Sophos:

"The Twitter website is being widely exploited by users who have stumbled across a flaw which allows messages to pop-up and third-party websites to open in your browser just by moving your mouse over a link. Messages are also spreading virally exploiting the vulnerability without the consent of users."

As of 9:20AM EST, I have also seen attacks doing the same thing using an overlay, making simply viewing your account reproduce the offending messages. PC Magazine's Larry Seltzer's blog claims the attacks were stopped around 9AM but began again around 9:15. Perhaps the original fix only blocked onmouseover."

Link to Original Source

The beer-cooled computer does not harm the ozone layer. -- John M. Ford, a.k.a. Dr. Mike

Working...