Yesterday, Mozilla announced that they pulled two add-ons from the Mozilla Add-ons site. One add-on was not approved but still installed by roughly 1,800 users with 334 users currently reportedly using it. The problem with this add-on, appropriately called Mozilla Sniffer, is that it compromised users security. If somebody with this add-on installed submitted a login form with a password, it would also submit all of that information to a remote location. The Mozilla Sniffer add-on was listed as still being experimental, which means it required somebody to login and review a prompt that warned them that the code had not been reviewed by Mozilla yet.
If you have Mozilla Sniffer installed in your Firefox browser, it is recommended that you immediately uninstall the add-on and change your passwords.