CNet reported on October 25th that a new spoofing bug has been reported for IE7. The basic issue is that the displayed URL can be coaxed to looking like a legitimate URL when in reality it is hitting an undesirable website, i.e. phishing. CNet's source is Secunia, a security company.
Did I tell you that Mozilla released Firefox 2.0 on the 24th?