A newly discovered vulnerability in TweetDeck for Chrome is allowing attackers to remotely execute javascript code through an unpatched vulnerability. Users have reported seeing random pop-up windows reading “Yo!” or “Please close now TweetDeck [sic], it is not safe.” The vulnerability is believed to be confined to web version of TweetDeck, but other users have reported similar attacks in TweetDeck’s Windows app. Twitter says that they have fixed the vulnerability, and users can apply the fix by logging out of TweetDeck and logging back in. We are still in the process of confirming the fix, and will update with any results. Researchers have reported XSS problems from TweetDeck in the past, most notably from Mikko Hypponen in 2011, but developers reported the vulnerability as fixed the following day, and most believed it to be a closed issue.

Read the full story at The Verge.

About Shelly Palmer

Named one of LinkedIn’s Top 10 Voices in Technology, Shelly Palmer is CEO of The Palmer Group, a strategic advisory, technology solutions and business development practice focused at the nexus of media and marketing with a special emphasis on machine learning and data-driven decision-making. He is Fox 5 New York's on-air tech and digital media expert, writes a weekly column for AdAge, and is a regular commentator on CNBC and CNN. Follow @shellypalmer or visit or subscribe to our daily email

Like it? Tweet it.

"TweetDeck (Chrome) Users Hit With Remote Hack" by @ShellyPalmer

600,000 subscribers and counting...

We write a daily newsletter featuring current events and the top stories in technology, media, marketing and entertainment.