Ethereum’s Pectra upgrade, activated on May 7, 2025, introduced EIP-7702, which allows wallets to delegate control via offchain signatures—opening a major security risk. Attackers can now drain funds from externally owned accounts (EOAs) by tricking users into signing a malicious message that installs harmful code on their wallet. This bypasses traditional onchain transaction safeguards and affects even hardware wallets. The risk is especially high through phishing and fake apps, prompting experts to urge caution and better wallet interface protections. Source: Cointelegraph
