don't click on google beta groups links
Simply having a user click a "groups-beta" link, any script ( read: malicious ) can be injected to the users browser ( confirmed by the author in Internet Explorer ). This appears to manifest itself if the malicious script is embeded in the content of the message body itself. Simply reading a group posting has the same effect.
and the proof of concept is online
bytheway Google Groups is the usenet, the oldest, biggest archive and community of forums