LinkedIn secretely scans for 6,000+ Chrome extensions, collects data
Summary
LinkedIn is reportedly using hidden JavaScript on its website to scan visitors' Chrome browsers for over 6,000 installed extensions and collect device data. This "BrowserGate" report indicates that LinkedIn is not just collecting data about users' interactions with its platform but also potentially sensitive information about their browsing habits and installed tools.
IFF Assessment
This is bad news for defenders as it reveals a large-scale, covert data collection practice by a major platform, potentially impacting user privacy and exposing them to risks from unknown data handling.
Defender Context
Defenders should be aware of how platforms may be exfiltrating browser data beyond explicit user consent. This highlights the importance of browser extensions security, endpoint monitoring for unusual network traffic, and user education on privacy settings and platform data collection practices.