Infoworld reports on a new security vulnerability that affects Mac OS X/Safari.
The vulnerability involves the ability for Safari to run arbitrary local scripts on an end-user's computer. In order to accomplish this, a Disk Image must first be downloaded from the "attacking" website but can be tied to a single click.
A demonstration can be found at insecure.ws.