Anyone who uses Twitter, DO NOT use the Twitter web interface until further notice.
There is a code injection vulnerability being used that will send malicious tweets in your name just by mousing over an infected message.
If you’re using Twitter use your phone or other device, not the web interface.
If you see this message then you’ve retweeted the infected message.
If you can, use your phone to delete your last message.
Here’s an example of what you may never see, but you may repost without knowing it.
Update: Twitter Security Team reports this XSS attack has been fully patched. Personally, I’m going to wait until later today to use the web interface just in case. ;)