As reported by Ars Technica, all Android phones currently have a flaw that puts them at risk of being hacked. The oddly named “Dirty COW” flaw exist within the heart of every version of the Android operating system and can give attackers essentially full access to your phone.
Attackers will first have to get you to run an application you download to your phone so it might pay to be extra careful about where download apps from. Hacked free versions of games are always a big risk, for instance.
Google runs automated screenings on every app it allows on its Play Store, so downloading from there is generally considered safe, even though some virus laden apps have shown up there in the past.
A fix for this Dirty COW flaw should be out some time in December, so until then it might be best to stick to apps made by companies you know.