UPDATE: Twitter has announced it has fixed the security flaw, explaining on its Twitter Status blog: "The exploit is fully patched."
Twitter is blaming the hack on an XSS (cross-site scripting) attack.
A security flaw has appeared on micro-blogging site Twitter, which allows third-party sites to open up in your browser when you simply hover your mouse pointer over a link.
The hack has targeted thousands of profiles and even redirected readers of Sarah Brown's Twitter feed to a Japanese porn site.
Mouse in the house
If you are using the site, then it is recommended you don't click any link with the 'onmouseover' command, or ones which contain blocks of colour (rainbow tweets) as these can hide their true content.
Go to www.sophos.com/blogs for more details.
Here SophosLabs has created a video to explain the situation:
Article continues below