Apple is aware of the web-based exploit used to Jailbreak iOS 4 and iPhone 4, but also potentially able to allow malicious access to any iPhone -- Jailbroken or not -- and are investigating it.

While many users were thrilled at the rapidity and simplicity with which Comex et. al. delivered an iOS 4 and iPhone 4 Jailbreak, that same exploit could just as rapidly and simply be used to hack any iPhone for any reason -- including malicious ones like stealing your data.

Tapping on a web link is far easier to get someone to do than downloading and running a program, and with this exploit being zero-day and in the wild, Apple will need to get it patched and fast.

Until they do, the usual advice applies -- don't go to websites you don't trust completely, and don't click on links in emails if there's any chance they're malicious (go type the URL in the browser yourself).