tweetdeck

Multiple reports claim that TweetDeck for Chrome is under attack by hackers, with random popups urging users to shut the application down. TweetDeck acknowledged the vulnerability on its website early Wednesday morning, but said the bug has been patched. In order to execute the fix, TweeDeck says you need to log out and then log back in. So far reports suggest this vulnerability is only confined to the Web, but be weary if you use TweetDeck by other means. I haven’t noticed anything with the standalone application on Mac.

TweetDeck has been vulnerable to XSS problems before, with other issues cropping up back in 2011; that was quickly fixed, too, but it seems there are many other exploits still hibernating within the service. If you notice anything wrong with your service, see if signing off and signing back in does the trick. Sean, TechnoBuffalo’s Editor-in-Chief, was hit by a few attacks this morning, and was able to fix it by following TweetDeck’s instructions.

Per TheVerge, XSS is short for “cross-site scripting,” and is often one of the biggest security flaws in Web applications. When exploited, it give hackers the ability to execute their own javascript code, which is why users are reporting popups. Because Twitter has coded the app to be HTTP-only, however, important information like webmail or banking is reportedly safe, TheVerge said.