According to a post on /r/Steam subreddit, a malicious exploit targets user information via profile links. On your activity feed, or on other people’s profiles, do not click Steam profile links to prevent from an act of information theft. To cut it short: Don’t monkey around with other Steam profiles, if you don’t want your Steam account to be stolen. Here is the full post by the moderator R3TR1X:
If you are affected, the post further states; you should change your password, enable Mobile Authenticator (and deauthorize Steam Guard on all other systems), restart modem/change your IP and scan your PC for malwares.
You should also enable your Steam URL Address Bar from the Steam settings, and then check all the links when you browse Steam. Do not follow unfamiliar or weird links. Don’t look at the profiles of people you are unfamiliar of. Valve Security is working on a fix right now.