Security researching Charlie Miller has discovered a vulnerability on the iPhone that could let hackers run unsigned code using SMS messages to attack. Miller has been asked by Apple not to reveal the details of the issue so to give Apple's coders time to fix the security hole.
Miller did share some of the things that would be possible if a hacker was able to exploit the vulnerability:
"The SMS vulnerability allows an attacker to run software code on the phone that is sent by SMS over a mobile operator's network. The malicious code could include commands to monitor the location of the phone using GPS, turn on the phone's microphone to eavesdrop on conversations, or make the phone join a distributed denial of service attack or a botnet."
Apple is currently working on a solution, but it is unknown if it will require a firmware update. If you see a small 3.0.1 update soon with no real changelog, you'll know why!
In the meantime, I wouldn't worry about this as it would require the hacker to have your number and you don't give your number out to hackers, do you?