Ethereum's recent Pectra upgrade, specifically the implementation of EIP-7702 designed to simplify wallet delegation, is being exploited by malicious bots that automatically drain wallets. Security researchers and firms, including Wintermute and others, have identified that over 97% of EIP-7702 delegations are linked to identical malicious contracts known as "CrimeEnjoyor," which facilitate automatic theft of Ethereum from compromised wallets. One reported victim lost $150,000 in a phishing attack related to this vulnerability. Additionally, a supply chain attack involving malicious npm packages targeting both Ethereum and Binance Smart Chain (BSC) wallets has been uncovered, with these packages capable of exfiltrating up to 85% of a victim’s crypto holdings using obfuscated JavaScript. The findings have prompted urgent calls for developers on Ethereum and BSC to upgrade their systems immediately to mitigate these risks.
Ethereum Pectra Upgrade Exposes 97% of EIP-7702 Wallets to Auto-Drain Risk. The highly acclaimed Pectra upgrade of Ethereum through EIP-7702 exposes wallets with 97% susceptibility to auto-drain from malicious sweeper https://t.co/j2ZU3FnJCV
PSA: Supply Chain Attack: #Ethereum and #BSC devs, upgrade immediately. Malicious npm Packages Target BSC and Ethereum to Drain Crypto Wallets. Socket uncovered four malicious npm packages that exfiltrate up to 85% of a victim's Ethereum or BSC wallet using obfuscated JavaScript.
4.9% eth on cexs but 97% of eip-7702 contracts are crimepilled drain exploits