Apple Safari 3.1 Browser Under Attack
One flaw is a memory corruption issue that could be exploited if a user is downloading a .ZIP file with a really long filename.
The second flaw is an address bar spoofing issue.
Frankly, I wouldn't have rated both of these issues as 'Highly Critical' myself since they both require user interaction (but hey I'm not currently a full time security researcher).
Apple has not yet made any kind of patch available for Safari 3.1 for the new issues, so if you're running Safari - also use common sense and as always - DON'T VISIT UNTRUSTWORTHY SITES! (but that goes for any browser on any platform).