An Android Firefox exploit found which can be triggered and execute apk files. It forces Firefox versions 23/24/26 to download and execute a malicious application. This exploit was posted by a Russian hacker and exploit writer and the auction starts at $460. This can happen by just visiting a malicious site so even browsing is not safe. The only thing for the attacker is to use some social engineering and convince people to visit a malicious website. He might not even have to do it since he can instead infect a known website and all its visitors be victims. Update your software to the latest version and be careful on the websites you are visiting.
Auction for an Android Firefox exploit