Apparently it's always been around - just nobody really dove down into the firmware level to see about any exploits. Although, I can almost guarantee how STUXNET was deployed in Iran by the US gov.
According to the article they found a couple exploits...but not sure if they're going to release either of them at the Black Hat convention. Hopefully something can be done about this...because it can potentially be really bad, especially if its silent on both the USB and PC side. USB infects the PC, PC infects every USB device with writable, unsigned firmware, possibly travels through the network if it can mutate itself into a worm form, and then the worm deploys the firmware exploiter...and continues on. Good way to get it started too would be to just give out free flash drives on the street trying to "promote a product" - could be a fake product even, and boom...infected since pretty much everybody takes free flash drives.