There is a java exploit recently discovered; reported by CNET.  It is very difficult to exploit, in order to get at your files, a malicious webpage has to trick you into typing in the full path of the file it wants to try to upload.  On the other hand, this flaw affects Firefox, Mozilla SeaMonkey, Mozilla Suite, Netscape and Microsoft Internet Explorer, so it could be a problem for anyone.
“Internet Explorer and Firefox, as well as other Mozilla browsers, are flawed in the way they handle JavaScript, security experts warned this week. An attacker could use the problem to launch surreptitious file uploads, jeopardizing people’s personal data, they said.

But exploiting the flaw requires so much user interaction that Microsoft and Mozilla don’t think it poses much of a danger. The companies do not see a need to rush out a fix. Instead, both plan to address the bug in upcoming releases of their browsers, representatives said, but did not specify which update or when it might arrive.”

Here is some more Tech News from around the web:

Tech Talk