A series of recent cyberattacks have targeted cryptocurrency users, with a focus on malware distribution through fake software and malicious packages. Europol's Operation Endgame has resulted in the arrest of over five clients linked to the SmokeLoader malware, which has been associated with ransomware, spyware, and cryptocurrency theft. This operation follows a broader trend of increasing threats, including the emergence of new malware loaders such as ModiLoader, GootLoader, and FakeUpdates, which are being used for phishing and drive-by attacks. Additionally, users of Exodus and Atomic Wallets are at risk due to a new supply chain attack involving malicious npm packages. These packages are designed to compromise local wallets and steal private keys, posing a significant threat to users' funds. The malicious npm package known as pdf-to-office, masquerading as a PDF tool, has been identified as a key vector in this attack.