Hackers strike Twitter, spreading 'mouseover' attack
Update 10:28 a.m.: Twitter now says the flaw has been patched; it's the second time this morning Twitter has said the situation was rectified, so watch to make sure the fix sticks.
Social media site Twitter is battling a major security breach this morning. If you're a Twitter user, watch out for suspicious links in Tweets and do your best not to let your cursor cross over the link.
Experts are warning that the attack is affecting thousands, if not millions, of users who sign into Twitter. Users are inserting a specific line of simple but malicious JavaScript code into links, causing people who "mouseover" the link to be sent to pornographic sites or sites containing malware.
Some users are finding that they have inadvertently "retweeted" malicious links or sent direct messages containing links. The attack is affecting people who use the Web version of Twitter, not users who access the service via a third-party service like HootSuite or TweetDeck.
Here's more information on the attack, which Twitter was still fighting as of 9:30 a.m.:
CBS News: Beware of Twitter: Security Flaw Spreading
Mashable: Twitter Mouseover Security Flaw Affecting Thousands of Users
PC Mag: Cross-Site Scripting Attack Hits Twitter
MSNBC: Twitter hacked, sending users to third-party sites
Detroit Free Press: Twitter security flaw wreaks havoc
Contact AnnArbor.com's Nathan Bomey at (734) 623-2587 or nathanbomey@annarbor.com.
Comments
Jay Allen
Tue, Sep 21, 2010 : 9:25 a.m.
My Kaspersky anti-virus caught it immediately.
Nathan Bomey
Tue, Sep 21, 2010 : 9:25 a.m.
Thanks for the update! Probably still important to be careful, however. Twitter said once earlier this morning that the flaw was patched only for the fix to stop working minutes later.
Eric J. Klooster
Tue, Sep 21, 2010 : 9:22 a.m.
It's fixed: http://status.twitter.com/post/1161435117/xss-attack-identified-and-patched
Nathan Bomey
Tue, Sep 21, 2010 : 9:12 a.m.
Anyone out there notice the security flaw? I noticed it almost immediately after signing in!