Mozilla has been busy at work on a rewritten version of Firefox for Android, which is already live in the browser's Beta and Nightly (formerly Preview) channels. However, if you're still on the regular stable version of Firefox for Android, you should update right now.

Firefox 68.10.1 is now rolling out on the Play Store, which fixes a critical security vulnerability that could theoretically allow remote webpages to read local files, including cookies from other websites:

A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins.

There aren't many public details about how the vulnerability works, so malicious sites can't take advantage of it before it's widely patched, but only the classic Firefox browser is affected. If you use the Beta or Nightly/Preview versions, you don't have anything to worry about. Firefox browsers on other platforms (Windows, macOS, and so on) are also unaffected.

If you are using the regular Firefox for Android, you should definitely update as soon as possible. The latest version (68.10.1) is already rolling out on the Play Store, but you can also grab it from APKMirror.