Twitter's vulnerability to basic cross-site scripting attacks highlights the need for organisations to review website coding, according to security firm Fortify Software.
A teenage hacker hit Twitter four times at the Easter weekend with worms that directed users to his own microblogging website.
Around 10,000 posts were deleted to prevent the worm spreading and Twitter has said it will consider legal action against the 17-year-old hacker.
The attacks are simply a case of a hacker exploiting vulnerabilities in the way websites are coded, said Barmak Meftah of Fortify Software.
Code exploitation is now high enough on the hacker agenda to warrant code auditing in the software planning and development process, Barmak Meftah said.
According to Meftah, a common problem is that developers typically write code with minimal auditing and few security checks.
"This is a classic example of how poor coding enables cracking situations that should never have been allowed to happen in the first place," he said.