UPDATE (10:07 a.m. EST): According to Twitter, the hack has been identified and patched. Below, a screenshot from their official Tumblr. I still recommend using outside clients; I've never had a problem with TweetDeck.
Twitter users are being advised to access the social networking site using only outside clients, such as TweetDeck, until further notice. A security flaw on the main Twitter.com page has allowed third-party websites to automatically redirect users after only mousing over seemingly harmless links. Even Sarah Brown, wife of the former British Prime Minister, was hit with the attack and redirected to a pornographic Japanese site.
It looks like many users are currently using the flaw for fun and games, but there is obviously the potential for cybercriminals to redirect users to third-party websites containing malicious code, or for spam advertising pop-ups to be displayed.
Some users are also seemingly deliberately exploiting the loophole to create tweets that contain blocks of colour (known as "rainbow tweets"). Because these messages can hide their true content they might prove too hard for some users to resist clicking on them.
Read the full story at Sophos.
Mashable can be trusted to update their post on this story as soon as more information is available.