The most obvious attack is leaving the wallet unlocked for too long, allowing some hacker to leverage a totally unrelated vulnerability in some other software to gain access to your system and drain your bitcoins. bitcoin-cli does not prompt you to re-enter your password when doing sensitive operations like signing a transaction (unlike the GUI version of Bitcoin Core).

The solution to that is to not run Bitcoin Core alongside any other software on your computer.