While the tech world obsesses over AI and recent supply chain attacks, a quiet but unprecedented legal suit dropped in Munich in late January 2026. Almost nobody is reporting on it, which blows my mind because nearly everyone has a LinkedIn account now.

LinkedIn has become an essential tool for nearly every professional today, whether for job searching, recruiting, or business networking. While they disclose that they "collect information about your network and device, device identifier and features, cookie IDs and/or ISP, and your mobile carrier", they were scanning for much more than that. Unfortunately, like many large tech companies, they used hidden methods to extract maximum value from its users who are, ultimately, the product.

Every single time you (or any of LinkedIn’s roughly one billion users) load linkedin.com, hidden JavaScript quietly scans your browser for installed software and extensions. The results are sent straight to LinkedIn’s servers and to third-party companies like HUMAN Security (formerly PerimeterX), an American-Israeli cybersecurity firm. There is no meaningful consent, no clear disclosure in the privacy policy, and no opt-out.

What are they actually scanning for?

Here’s a clear breakdown based on the publicly available evidence and court-related disclosures:

• Browser extensions: The script checks for thousands of installed extensions and applications. This includes over 509 job-seeking and AI-powered application tools. LinkedIn can see who is actively job hunting, which companies or industries interest you, and which tools you rely on.
• Competitor tools: It specifically detects over 200 extensions related to rival platforms and sales tools (such as Apollo, Lusha, ZoomInfo, and others). This allows LinkedIn to target users with premium ads or potentially restrict competitor tools on its platform.
• Sensitive inferences: Certain extensions can reveal deeply personal information, such as religious beliefs, political views, disabilities, neurodivergence, or sexual orientation. These signals are collected and categorized, all tied to your identity.



This goes far beyond basic tracking. The data is tied to your LinkedIn identity (name, photo, job title, location, and employer) and also the data they openly say they collect. This suite of data allows them to do things like match devices to users and their locations, or match a user and their device to certain ads they are more likely to click on. While the scan does not directly read your passwords or payment details, the presence of specific extensions can still expose highly sensitive aspects of your life. That information is then shared with third parties.

LinkedIn hides this activity using advanced code obfuscation and encryption, making it basically impossible for users to notice. The primary external recipient is HUMAN Security, which has no obvious cybersecurity contract with LinkedIn that would justify receiving this level of user data.

This concerns me as someone who strongly values customer and user privacy. It’s a glaring example of how even outwardly professional platforms will push boundaries to monetize user data. The case filed in Munich (preliminary injunction, Case No. 37 O 104/26) alleges violations of the EU Digital Markets Act, competition law, and data protection rules. It remains ongoing, and the outcome could set an important precedent.

At its core, this highlights a simple truth: on LinkedIn, you are the product. The platform isn’t just a job board, at least, a very sophisticated data collection engine operating with minimal to no transparency.

Thank you for reading

As someone who has experience with most of the upcoming and new AI tools, the attack on the Mexican Government, which resulted in a very large sensitive data breach, is not getting the headlines I think it deserves. The attackers used the government's support chatbot, connected to Anthropic's Claude chatbot to dump the data. With the implementation of AI in just about everything we do now, you would think that the security of these tools would be robust and a focus. However, with the amount of money being put into the AI craze, corners are being cut and there are a few large issues this causes, that I would like to talk about.

The first thing that stands out about the Mexico attack is that this is the first time a threat actor has used an AI chatbot to spit out sensitive data held in a database elsewhere, straight from a prompt. We have seen before where people are able to extract the AI prompt/rule sets from prompting, but this takes the cake. It almost seems like satire but the hackers were able to dump and export the government's entire tax history database, as well as the voting system history, to see exactly who voted for who, just by insisting over and over to the chatbot. They even said please and thank you when it finally complied, hours after constant begging.

The other issue that is becoming more prominent are exploits/payloads that have an LLM ingrained in them. While we are still too early to see the full capabilities of these tools, we are already seeing the first signs of what could be a major problem in the future. These large scale attacks with AI exploits are able to adapt on the fly. Tools like WormGPT or EvilAI are smart and able to quickly create and push attacks, while also being able to send more detailed and possibly sensitive reports on what it finds, which helps the attacker later down the road, as the AI is more likely to find relevant data.

What led us here

How did we get here? AI is fresh to the industry and things change around it all the time. Here are least 3 things I can see, that at least contribute to this issue.

• Majority of the large tech companies are using tools like Claude, ChatGPT, or OpenClaw (ClawdBot) which can be integrated in many services and even comes with pre-built connectors for them. The developers at said companies will use this AI tool heavily because it's fast, it works non-stop, and it's cheap.


• Instead of having help desk people or dedicated support teams, many companies are relying on AI to handle customer inquiries and support tickets. Aside from the very annoying fact that now if you have an issue you have to deal with a very low level LLM, these AI helpers are reliable as a basic support tool, and can be implented in phone systems as well. However, these bots are usually trained on company specific data, and just like we saw with the AI prompt jailbreaking, that is an issue because the AI is made to do what it is asked for, even if what is being asked for is regulated and protected data. It's a machine.


• The final issue is that these companies are not spending time or money to secure them, maybe because they come from a large AI company like OpenAI, who is thought to be bulletproof. Maybe it is because these AI companies present their product with "Speed to Market" as the selling point to customers. This is not a new theme and we have seen time and time again where a company is attacked at a weak point that could have easily been prevented, had they done actual and rigorous testing before launch.

This leads me to my talking point. I manage and am in charge of the security of a few services, for the company I work for and I have also recently integrated AI into a few of them, relating to social media marketing generation (particularly docker for services, a business environment for chatgpt, and dropbox to store the things the AI makes). I see how these large AI companies ship and sell their product and I can see how a company that is not security based, can easily overlook the needed security on them. However, with the craze of AI adoption, as well as the possible monetary benefits for a company to use them, AI is being jammed into every possible place.

This is not the last attack using AI that you will see or hear about. Data breach after data breach occurs and yet, there are no talks about improving security or the laws regarding them. In 2024 the entire U.S. social security database was compromised and nothing came of it. Most likely a settlement was reached between vendors under the table, and that was that. This is just one example of how customer data and the required security for these are overlooked in the name of profits or shareholder value. Companies are actively forgetting how important the security of your data, and your customers, really is.

My closing remarks on this is that AI is a great tool, as is all of the fun connectors you can find for it on github or even libraries in code editors like VS Code. But just like we have seen with all of those, they are prime targets that can turn a small, outdated, and unsecure python library into a backdoor for everyone that downloads it, from what they think is a secure service. Do not ever assume that something is secure, and always try and keep security at the forefront of your mind. As we continue to rapidly push software out for the sake of profit, worse and worse cyber attacks happen. The service usually just points a finger at a vendor it uses, and then pays a settlement and the actual users who lost their data, don't get a thing, and now have their stuff out there on someone elses computer. Don't be that company.

Thank you!