A colleague sent me these links earlier. To sum it up twitter-style:

OMG twitter hacked XSS LOL

Well actually the message was a bit longer, but you get the point. Anyway, once I got to look at it the problem was fixed alreay. Not in 90 seconds, mind you, but 90 minutes is still pretty impressive. 

Anyway, notifying the security team in advance would have been nice, but it was still a pretty cool stunt. I’m looking forward to rsnake’s talk at Blackhat!