wild idea) took advantage of a TIFF exploit, the recent EVO 4G root found a hole in Flash Lite, and the JailbreakMe exploit is stuffing its code in a PDF font. Until Apple patches this exploit (when asked, Apple told us it was "aware of the reports and looking into them") we'd be extra careful about which PDFs we open -- there aren't any reports of malicious use so far, but with Safari's seamless handling of PDFs, it wouldn't be hard for some hacker to hide a potentially phone-invading PDF behind some harmless looking hyperlink. The iPhone devteam points out that this isn't the only known exploit for Safari on iOS, so there's no need to start hyperventilating about this particular one... unless it's a slow day at your mainstream media publication and you're looking for something to hyperventilate about.
Oh, and are you looking for a surefire way to steer clear of PDFs? Cydia has a PDF loading warner that lets you skip PDFs your browser is trying to load on a case by case basis. Of course, you'll need to jailbreak your phone to use it. Ironic, right?