Unlike many browsers, Firefox doesn't always isolate an add-on’s functions and as a result are opening millions of end users to a new type of attack that can surreptitiously execute malicious code and steal sensitive data, a team of researchers reported.
Well I'm never gonna go and blindly install a random add-on that I don't even know about, so assuming most users are like me in that respect, we don't have much to worry about.
If websites would stop with their autoplay videos I wouldn't need noscript installed.... It's so annoying reading an article then out of the blue a video along the side starts yelling at you....