Tiedemies1

A recent XSS exploit on Steam allows any user above level 10 to execute any HTML code on his steam profile. Until this is patched, please refain from visiting ANY steam profiles you don't trust on your Steam client / Steam overlay or any browser you're logged in to. If you wish to check a profile anyway, please use Incognito / Private browsing mode in chrome / firefox and make sure you don't login to any of your accounts. 

Please do not follow any instructions on how to 'play music' on your steam profile or 'modify your level'. Those will most likely cause you to get permanently community banned from Steam once the exploit is discovered by Valve.

TL:DR A dangerous exploit allows attackers to easily get access to your account by you just visiting a malicious profile. Use incognito to browse steam profiles, and do not download any files that may mysteriously pop out of legitimately looking steam profiles

Stay safe
Delite