These has come up based upon research from the DDOS that hit the root name servers just before Xmas:
Researchers identify command servers behind Google attack
Adobe has a 0 Day exploit in the wild that will effect every reader that's older than 3 days:
IE 6,7, and 8 has a 0 Day in the wild:
0-day vulnerability in Internet Explorer 6, 7 and 8
And, just recently, I've seen Abovenet and Level 3 do emergency maintenance to on their routers due to an exploit found in the TCP/IP stack in Juniper firmware. All of this has come about based on a myriad of security findings during the analysis of the DDOS attacks at the root name servers (The one that took down Amazon) from 2 days before Xmas.