AES may have been broken. Serpent, too. Or maybe not. In either case, there's no need to panic. Yet. But there might be soon. Maybe.
Some of the confusion stems from different definitions of "attack." To a cryptographer, an attack is anything that breaks the algorithm faster than brute force, even if it is completely impractical. To an engineer, an attack is something that is practical, or at least might be practical in a few years. An attack that breaks AES to a cryptographer might not to an engineer. The rest of the confusion stems from not being sure the attack actually works.
AES is the standard encryption algorithm that was chosen by a recent standards process to replace DES, which has been in use for years in both government and commercial environments. If it's seriously broken, it's bad news, since it has been included in the design of most commercial products making use of encryption.