LinkedIn secretly scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan ...
The Next Web

LinkedIn is secretly scanning your browser for 6,000 extensions, and you weren’t told

LinkedIn runs a hidden JavaScript script called Spectroscopy that silently probes over 6,000 Chrome extensions and collects ...

Microsoft's LinkedIn is scanning installed browser extensions without user permission

Researchers have determined that Microsoft's LinkedIn is scanning browser plug-ins and other information without permission, ...
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
GitHub

Built-in extension vscode.github is crashing on activation

at file:///c:/Users/JohnM/AppData/Local/Programs/Microsoft%20VS%20Code%20Insiders/11246017b6/resources/app/extensions/github/dist/extension.js:1:383 at file:///c ...
Visual Studio Magazine

Hands On with OpenClaw Node for VS Code: Real Workflow, Real Friction

OpenClaw's Node for VS Code extension proved it can support a real local file-based workflow, but on Windows the experience still feels more like early infrastructure than finished tooling.
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
PCMag

LinkedIn Faces Spying Allegations Over Browser Extension Scanning

A German group claims LinkedIn is 'illegally searching' users' computers. But the Microsoft-owned site says it collects data ...