TWITTER, the microblogging service, has major holes in its security, a London conference will be warned this week.

Graham Cluley of antivirus firm Sophos says the Twitter website is vulnerable to viruses written in the Javascript web-programming language. These viruses can then send out short messages or “tweets” in the user’s name, perhaps sending their friends to phishing sites.

“A couple of hours after Twitter says it has [a virus] under control a new worm appears using the same attack,” Cluley says.

Another problem he identifies is that deleting an embarrassing or incriminating tweet you have mistakenly sent does not …