Looks like Russian Hacker Evgeniy Polyakov has successfully poisoned the latest version of BIND which was supposed to have been patched in that massive, coordinated release. The release was supposed to randomize the ports to make it much more difficult to poison. Using Evgeniy Polyakov’s exploit code and some common hardware, it took 10 hours. Yikes.
The New York Times article by John Markoff has more details.