A series of cybersecurity threats have emerged targeting DevOps infrastructure and cryptocurrency platforms. A cryptojacking campaign exploits DevOps web servers, including Docker, HashiCorp Nomad, HashiCorp Consul, and Gitea, using off-the-shelf tools from GitHub. This campaign affects both Windows and Linux systems. Concurrently, new supply chain attacks have been detected in popular open-source package repositories such as npm, PyPI, and RubyGems. These attacks involve malicious packages designed to steal cryptocurrency wallets, delete codebases, and exfiltrate Telegram bot data. Researchers have also raised alarms about Ethereum's recent Pectra upgrade, specifically the EIP-7702 feature, which has been exploited by wallet-draining bots. Over 97% of EIP-7702 delegations reportedly use identical malicious contracts named "CrimeEnjoyor" that auto-drain Ethereum from compromised wallets. Additionally, malicious npm packages have been found to exfiltrate up to 85% of victims' Ethereum or Binance Smart Chain (BSC) wallets through obfuscated JavaScript. Other threats include a new variant of Chaos RAT malware targeting Linux and Windows users, spreading via phishing campaigns to deploy crypto miners, steal data, and gain full device control. These developments highlight ongoing risks in both software supply chains and blockchain ecosystems.