I am in your base DMing your n00bs!Over the weekend Twitter was hit by a phishing scam, it received a lot of coverage across the blogosphere and online media. Twitter also acknowledged the issue on their blog, detailing what to do if you become affected.
Personally I am surprised that it's taken so long for this to blow up and become an issue. Developers using the Twitter API release new clients, mashups and applications all the time to enhance our interaction through the service. Without as much as a second thought we login with our Twitter credentials and begin interacting with our friends and followers.
If you are sent any messages then be vigilant, anything malicious you encounter I would advice informing the sender that they have been compromised and to change their password. This goes the same if you become affected as changing the password will eliminate more messages being circulated. I expect that this won't be the last we read about phishing scams on Twitter, with the aim being mainstream engagement then this matter is priority. Have you been affected? Do you feel it's time Twitter adopted a remote key for the API similar to Friendfeed? Has the service gone mainstream?
Update: Here is Twitter’s official explanation