{"id":236273,"date":"2026-04-27T09:31:00","date_gmt":"2026-04-27T13:31:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/27\/linkedin-browsergate\/"},"modified":"2026-04-27T12:15:15","modified_gmt":"2026-04-27T16:15:15","slug":"linkedin-browsergate","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/27\/linkedin-browsergate\/","title":{"rendered":"LINKEDIN BROWSERGATE"},"content":{"rendered":"<p><a href=\"https:\/\/securityaffairs.com\/191383\/security\/linkedin-browsergate.html\">LINKEDIN BROWSERGATE<\/a><\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/191383\/security\/linkedin-browsergate.html\">https:\/\/securityaffairs.com\/191383\/security\/linkedin-browsergate.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-27 09:31:00<\/a><\/p>\n<p>Source Domain: <a href=\"securityaffairs.com\">securityaffairs.com<\/a><\/p>\n<p><h2>LINKEDIN BROWSERGATE<\/h2>\n<\/p>\n<p>\t\t\t\t\t\t\t<span> Pierluigi Paganini<\/span><br \/>\n\t\t\t\t\t\t\t<span><img decoding=\"async\" src=\"https:\/\/securityaffairs.com\/wp-content\/themes\/security_affairs\/images\/clock-icon.svg\" alt=\"\"\/> April 27, 2026<\/span><\/p>\n<p>\t\t\t\t\t\t<img decoding=\"async\" class=\"img-fluid mb-4\" src=\"https:\/\/i0.wp.com\/securityaffairs.com\/wp-content\/uploads\/2016\/11\/linkedin-2.jpg?fit=930%2C500&#038;ssl=1\" alt=\"\"\/><\/p>\n<h2 class=\"wp-block-heading\">BrowserGate claims LinkedIn secretly fingerprints users via extensions and device data, sending encrypted results to third parties for tracking.<\/h2>\n<p>BrowserGate is an investigation conducted by Fairlinked (https:\/\/browsergate.eu\/), an association of commercial LinkedIn users, which documents what it describes as one of the largest data breach and corporate espionage scandals in digital history. The central thesis: every time one of the billions of users visits linkedin.com, hidden code scans the computer for installed software, collects the results, and transmits them to LinkedIn servers and third-party companies, including a US-Israeli cybersecurity firm.<\/p>\n<p>The user is never informed nor asked for consent. LinkedIn\u2019s privacy policy makes no mention of it.<\/p>\n<p>The system consists of three cooperating modules within a single JavaScript bundle (Webpack chunk.905, ~2.7 MB, Ember.js framework):<\/p>\n<table class=\"has-fixed-layout\">\n<tr>\n<td><strong>System<\/strong><\/td>\n<td><strong>Internal Name<\/strong><\/td>\n<td><strong>Function<\/strong><\/td>\n<\/tr>\n<tr>\n<td>APFC \/ DNA<\/td>\n<td>triggerApfc, triggerDnaApfcEvent<\/td>\n<td>Device fingerprinting: 48 browser characteristics<\/td>\n<\/tr>\n<tr>\n<td>AED<\/td>\n<td>AedEvent, fetchExtensions<\/td>\n<td>Active extension scanning via fetch()<\/td>\n<\/tr>\n<tr>\n<td>Spectroscopy<\/td>\n<td>SpectroscopyEvent, scanDOMForPrefix<\/td>\n<td>Passive DOM scanning<\/td>\n<\/tr>\n<\/table>\n<h2 class=\"wp-block-heading\">Stage 1 \u2014 Active Extension Detection (AED)<\/h2>\n<p>Inside Webpack module 75023, there is a hardcoded array with entries in the form <strong>{id: \u201c\u2026\u201d, file: \u201c\u2026\u201d}<\/strong> where id is the Chrome Web Store extension ID and file is a path to an internal extension resource declared as web-accessible.<\/p>\n<p><strong>The probing mechanism:<\/strong><\/p>\n<p>Chrome extensions can expose internal files to web pages through the <strong>web_accessible_resources<\/strong> field in their manifest.json. When an extension is installed and has exposed a resource, a fetch() request to chrome-extension:\/\/{id}\/{file} will succeed. When it is not installed, Chrome blocks the request and the promise is rejected.<\/p>\n<p><strong>Method 1 \u2014 Parallel batch scan:<\/strong> All fetch() requests are&#8230;<\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/191383\/security\/linkedin-browsergate.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>LINKEDIN BROWSERGATE https:\/\/securityaffairs.com\/191383\/security\/linkedin-browsergate.html Publish Date: 2026-04-27 09:31:00 Source Domain: securityaffairs.com LINKEDIN BROWSERGATE Pierluigi Paganini April&#8230;<\/p>\n","protected":false},"author":1,"featured_media":236274,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2016\/11\/linkedin-2.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[30,24],"class_list":["post-236273","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-breach","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/236273"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=236273"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/236273\/revisions"}],"predecessor-version":[{"id":236275,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/236273\/revisions\/236275"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/236274"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=236273"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=236273"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=236273"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}