Customizing your browser to hide often makes it easier to recognize.
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.