Singing Potatoes
Friday, 25 June 2004
Yet another infection vector

There's a nasty new trojan horse going around, discovered yesterday. This one's a two-parter; the first part, js.scob, infects Microsoft IIS Web servers and causes them to attach a JavaScript payload to every file served. Anyone viewing an infected site with Internet Explorer (even fully patched) will execute the payload, which downloads and installs "keystroke loggers, proxy servers and other back doors providing full access to the infected system." While the backdoor is still under analysis, the keystroke logger looks for login information and credit card numbers for PayPal, eBay, EarthLink, Juno and Yahoo.

Once again, I'm glad I use Opera; when an infected page tried to execute, Opera threw up an "Illegal address" error message and aborted the script.

Posted by godfrey