It plays out like so… Someone you follow appears to tweet a bit of code garble. This tweet then appears in your Tweetdeck feed. By appearing, the garble of code runs on your computer resulting in it being retweet from your account.
The result of the Tweetdeck hack is now Tweetdeck is offline for repairs and its users are forced to twitter.com to share photos of their pancakes. Annoying but not a big deal.
Gritty Technical Details
For the nerds, the tweet containing the contents of the hack is below:
<script>$(‘.xss’).parents().eq(1).find(‘a’).eq(1).click();$(‘[data-action=retweet]’).click();alert(‘XSS in Tweetdeck’)</script>