Apple could have a serious security threat on its current firmware for the iPhone, and possibly the iPod touch (since they basically share the same OS), if a report from MacNN is true. According to their report, a group of iPhone developers have identify a bug that could lead it granting access to third party code.
This bug is found in the Default.png file of applications, which is used to display an app when when it is being loaded on the iPhone. While this is limited to a static version, Apple’s own applications are able to be more “dynamic” as they show items like the date or a preview. According to the group, developers could easily fool the phone to think that it should allow third-party apps to have access to a dynamic Default.png file.
It should be noted that this has not been proved yet, and the next version of the firmware (firmware 2.2) is rumoured to be released on the 21st of November. So don’t get scared yet.