I received this notification in my WordPress Admin panel news a few minutes ago. A cracker gained user-level access to one of the WordPress [dot org] servers and modified the download file inserting a security exploit. Thankfully only the latest 2.1.1 download was affected by this attack. The admins at WordPress were quick to take their website down and investigate the matter. Also, a verified and updated version of WordPress 2.1.2 has been released to replace the affected version.
So if you have downloaded and upgraded to WordPress 2.1.1, you must instantly replace your files with the latest version. But considering that version 2.1 was released only 39 days ago, most bloggers have only gotten around to upgrading to that version. The releases are coming in thick and fast and admit it or not, upgrading can be a pain not so much because of the actual process of upgrading but simply because of precautionary measures of taking backups. I say, take weekly backups of your database and instant backups of your theme if you make any major changes.