Google Reader’s “share item” function is known to be vulnerable to CSRF for quite some time, but this is the first time I personally witness such an attack (not a particularly malicious one, but can be highly viral). Just in case you run into similar sites like above people did, remember this Internet rule:
“Click-here-to-view-more-hot-girlz” site is always a scam, the only difference is how deep of a trouble it can bring to you.
Attached the source for your viewing pleasure: a straightforward attack, and because it spreads through Google Reader/Buzz, which itself builds on top of “trusted relationship“, we expect an exponential victim growth. (ie. the victim platform carries the virus further, this symptom has been observed in various attacks on socialized services, for instance Twitter/Facebook attacks.)
Update at 19:42 GMT+8: Some high-profile GR users are now affected, expect this CSRF to affect a lot more people. Check your GR Share & Notes if you have been to this site.
Update at 20:29 GMT+8: 懒得翻译中文了……简单一句，假如你通过GR或Twitter看过某自称“按用户点击排名的美女聚合网站”，请检查自己的GR分享与评论。你的GR个人密码安全无恙。
Update at 21:12 GMT+8: Edited article to reflect latest status.