Mashable reports that thousands of Twitter users have been affected by a Twitter security flaw that redirects them to third-party websites without their consent. According to the article:
The bug is particularly nasty because it works on mouseover only, meaning pop-ups and third-party websites can open even if you just move your mouse over the offending link.
The bug, which Twitter says is now “fully patched and is no longer exploitable,” seemed to only affect the Twitter site itself. The bug appeared to just be a nuisance, but Forbes says Sophos researcher Graham Cluley notes, if the bug persisted, there’s no doubt that cyber criminals would end up using it to redirect users to pages that infect visitors’ machines with malware.