Saturday, August 21, 2004

The End of Secure Transactions Over the Internet?

Some of you may have heard that someone "cracked the system used by secure sites". In fact, what has happened is that someone has managed to produce a "collision" on SHA-0. This means they have generated two different messages that produce the same hash result when hashed with SHA-0. The implications are not fully known yet, but note that they cannot produce a colliding message for a particular, given message. In other words, they can produce messages M and M' where H(M) = H(M'), but can't currently produce a message M1 against your message, where H(M1) = H(your message).

This site explains it as clearly as I've seen so far. It also suggests some of the implications of the results.
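The gap between the two cases above (choosing both M and M' versus matching your message) can be seen on a toy hash. This is an added example, not part of the original post and not the SHA-0 attack itself: it brute-forces SHA-1 truncated to 16 bits (an assumed stand-in, since Python's hashlib has no SHA-0), and the message strings are constructed.

```python
import hashlib
from itertools import count

BITS = 16  # toy digest size, assumed for the demo; SHA-0 produces 160 bits

def toy_hash(msg: bytes) -> int:
    """Stand-in hash: SHA-1 truncated to BITS bits (hashlib has no SHA-0)."""
    digest = hashlib.sha1(msg).digest()
    return int.from_bytes(digest, "big") >> (160 - BITS)

def find_collision():
    """Attacker picks BOTH messages: any M != M' with H(M) == H(M')."""
    seen = {}  # hash value -> first message that produced it
    for i in count():
        m = b"free-%d" % i
        h = toy_hash(m)
        if h in seen:
            return seen[h], m, i + 1  # the pair and the number of hashes spent
        seen[h] = m

def find_second_preimage(target: bytes):
    """Attacker must match ONE fixed message chosen by someone else."""
    want = toy_hash(target)
    for i in count():
        m = b"forged-%d" % i
        if m != target and toy_hash(m) == want:
            return m, i + 1  # the forged message and the number of hashes spent

if __name__ == "__main__":
    m1, m2, c_cost = find_collision()
    print(f"collision after {c_cost} hashes: {m1!r} / {m2!r}")
    yours = b"pay Alice 10 USD"  # constructed sample message
    m3, p_cost = find_second_preimage(yours)
    print(f"match for your message after {p_cost} hashes: {m3!r}")
    # Generic brute-force scale: about 2^(BITS/2) for a collision,
    # about 2^BITS to match a given message.
    print(f"expected scale: ~2^{BITS // 2} vs ~2^{BITS}")
```

At the toy size both searches finish quickly; at a real 160-bit digest the same generic searches scale to roughly 2^80 and 2^160 hashes, which is why a collision result does not by itself let anyone forge a match for a message you have already hashed.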


