Quick note to say that there seems to be a twitter security issue based upon cross site scripting. Initially it was thought to be a virus but this post on NetworkWorld seems to indicate that it is in effect a cross site scripting hack . This basically means that should it be an XSS hack, Twitter are not high up there with their security standards. It won’t look good if what seems to be a phishing hack is possible on their site!
Update: the script used to infect all the Twitter users was crafted by a 17 year old from Brooklyn who claims to have been bored and was highlighting the vulnerability while promoting his own site! Twitter have “closed the hole” as per Geoff’s comment below.