Not exactly a new exploit but worth noting. Internet Explorer allows unpriviledged scripts to read the contents of the system clipboard – if you copy a credit card number to your clipboard, it can be stolen simply by visiting a website in Internet Explorer.

There is a good explanation of the exploit here. A demo of the exploit can be found here (naturally you need Internet Explorer).