The Chrome version of popular Twitter client TweetDeck for Chrome was affected by a potentially massive security flaw Wednesday, leaving users scrambling to prevent the problem from affecting their accounts.
The flaw allows JavaScript to be executed elsewhere in TweetDeck users’ browsers, resulting in un-wanted pop-ups and retweets as well as potentially creating avenues for hackers to grab sensitive data, like login information.
The problem was first brought to the world’s attention by security researchers and journalists Wednesday morning. TweetDeck issued a statement a few hours later saying the problem was fixed, but the problem continued for many users, possibly because the bug was spreading itself through automatic retweets from compromised accounts.
TweetDeck has since been taken offline so Twitter, which has owned TweetDeck since 2011, can “assess today’s earlier security issue.”
The best advice for TweetDeck for Chrome users right now is to completely avoid the app until Twitter provides more clarity about the problem. It would also be wise to reset your Twitter password and revoke TweetDeck’s access to your Twitter account and anything else to which it’s connected.
Alternatives to TweetDeck for Chrome include the desktop app, Twitter.com and the third-party HootSuite client.
More Must-Reads from TIME
- Donald Trump Is TIME's 2024 Person of the Year
- Why We Chose Trump as Person of the Year
- Is Intermittent Fasting Good or Bad for You?
- The 100 Must-Read Books of 2024
- The 20 Best Christmas TV Episodes
- Column: If Optimism Feels Ridiculous Now, Try Hope
- The Future of Climate Action Is Trade Policy
- Merle Bombardieri Is Helping People Make the Baby Decision
Contact us at letters@time.com