A German security expert has discovered a nasty bug in the iPhone's Safari browser that turns it into a malicious phone dialer.
The problem has existed since at least September 2007, and supposedly the 2.2 firmware update was supposed to correct this. Clearly, it has not.
We are not sure if issue is fixed in iPhone 3.0 firmware
Apple is reportedly aware of the situation.