The issue wasn't in the smart contract, it was a compromised dev machine. Something like this can happen to any cryptocurrency, we have seen such compromises causing issues on Bitcoin too.

Ethereim smart contracts have many issues, but this incident wasn't a case of smart contract vulnerability.

Ethereum and Bitcoin both share the same elliptic curve (secp256k1) so the cost of signing is the same. The issue with multisig is lack of standization. If there were one dominant standard, the hardware wallet could do it.

What hardware wallets support multisig on Bitcoin?