A known vulnerability in Apple's Safari browser is the new target for a proof-of-concept exploit that allows a hacker to arbitrarily run code on unpatched Mac systems.
This vulnerability is specific for Safari version 6.0.1 and earlier; it was found and addressed by Apple in November 2012, so it will only affect systems that have not been updated. Nevertheless, it is out there, and hackers and cybercriminals are notorious for preying on unpatched systems.
Generally, once a vulnerability is found, it is kept under wraps until a patch is available for it; however, this does not mean all systems will be safe. For the patch to be effective, users must actually install it, but often users are quite stubborn in this regard and will not install patches for fear of bugs or other disruptions to their workflow.
In most cases, Apple builds OS X to regularly update or at least notify users of updates, so as long as you have kept Software Update running and have applied the latest security patches to OS X 10.7 and 10.8, you should be safe from this threat.