Even More XSS Worms

Sun, 12 Apr 2009 08:29:41 GMT

This morning I spotted several blog posts mentioning that Twitter has been hit by yet another XSS worm.

There is no merit in discussing how this has been done and for what purposes but this incident is yet another proof that the attack landscape is rapidly changing and moving towards web enabled infrastructures and the client-side. Soon or later almost every website will be equipped with social capabilities (google's own opensocial and friendconnect platforms) and than simple persistent XSS attacks will turn into quite nasty problems.

Time will tell!

For everyone reading this and wanting to have a look at the code like me: http://cxg.de/?id=DZcgpvEzIojaQwx