[H]ard|OCP has posted a warning to Firefox users about a vulnerability that can be exploited using a number of add-ons.  The problem stems from the extension updates being hosted on a third party server, and being sent unencrypted, as opposed to being over HTTPS.  This could allow an attacker to intercept the update, and replace it with their own code.
“According to Chris Soghoian, the Indiana University doctoral candidate who discovered the weakness, the vulnerability exists for some of the most popular Firefox add-ons, including Google Toolbar, Google Browser Sync, Yahoo Toolbar, Del.icio.us, Facebook Toolbar, AOL Toolbar, Ask.com Toolbar, LinkedIn Browser Toolbar, Netcraft Anti-Phishing Toolbar, PhishTank SiteChecker and a number of others, mainly commercial extensions. Ironically, at least two of the toolbars listed here are designed to help protect users from new security threats.”

Here is some more Tech News from around the web:

Tech Talk