Following on from my post about XSS vulnerabilities (not AJAX specific) I've just been watching a great video on AJAX Hacking (and prevention using ASP.NET). Well worth a watch - there are some great real world examples of exploits and what to do about them. And the amusing if cautionary tale of the Samy XSS virus.
One word of advice, do yourself a favour and select the "Download as video" option and save it locally somewhere. The first 10mins are silence (in fact things get going around 11min 30s) and you want to be able to seek the video to that point. The video is actually very small (<10MB for a 1hr 21min video which is staggering).