The Wall Street Journal is running a series of articles about tracking and personal privacy:
Here is an example from VirtualForge of CrossSite Scripting Vulnerabilities
For Firefox - there is a great plugin: Ghostery that displays what is happening on each web page with respect to cookies and tracking: Ghostery: Firefox plugin
When installed, the plugin displays in the upper right corner a purple rectangle wiht the names of the cookie cooks that planted cookies on your computer. Below is an example from the NY Times that indicates 4 cookies form Comscore Beacon, Doubleclick, Google Adsense and Quantcast.:
C. Frank Starmer