Android Police appears to be the first to discover the vulnerability. Interestingly, it appears that the vulnerability is not present in the Verizon version that Skype produced for that carrier, just in the normal app in the Android Market.
For this to be exploited, however, a user has to download a malicious app. Thus, it's more important than ever that users be careful what apps they download, and perhaps make sure they install a security app on their device, as well.
Skype is working on a fix for the vulnerability. You can watch a video of the exploit below.