According to a comment to this blog entry on Mat Mullenweg’s blog (he’s the guy who is the founding developer of WordPress), it looks like spammers or other evil types could use RSS feeds to deliver “nasty payloads” to your computer. Even a blog written by someone you know and trust could be hijacked to deliver bad stuff to your computer via RSS. While this hasn’t been documented yet (that I know of), it looks like it’s only a matter of time.
The main entry is also worth reading:– spammers are finding out ways to hack into blogs to insert invisible content. This serves as yet another reminder to keep our blogging software current — and to have clean back-up files of key data and files, just in case we do get infected.