There's been some mediacoverage on a recent vulnerability announcement. This is related to Java vulnerabilities affecting at least the Nokia S40 phone platform, and possibly other phone platforms based on a similar Java reference platform.
The vulnerability details have not been released, but if it works as advertised, this vulnerability could affect more than a hundred million mobile phones. This vulnerability is reported to enable attacker to be able to execute arbitrary code on target phones.
The S40 platform has never been targeted by a mobile phone virus or other malware. We're not expecting to see real-world attacks using this vulnerability in the near future either.