Apple released a security update to 10.6 and 10.6 server today, which fixes a security bug in the AFP file sharing protocol.
The bug allowed attackers to access AFP shared folders without a password, even if password protection was on — all they need is the account name. If you don't share files or folders, you're not at risk, but if you have file sharing turned on in your System Preferences you'll want to download this update ASAP. Hit up Software Update to download the patch. [Apple Support]