[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fwlnKaEEEKQgqSid6wcxr9CbvUdtZO04ikA3cZCq_5SM":3},{"article":4,"iocs":51},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":28,"category":29,"article_tags":33},"c1d4c243-170c-488c-ab03-f02ae6c7855f","$3 Million Reportedly Stolen in Polymarket Hack","3-million-reportedly-stolen-in-polymarket-hack-f07ab6","The decentralized prediction market said hackers targeted some of its users through a compromise of a third-party vendor. The post $3 Million Reportedly Stolen in Polymarket Hack appeared first on SecurityWeek.","Decentralized prediction market Polymarket is refunding users affected by a recent hack. The attack originated from a compromise of a third-party vendor, which injected a malicious script into Polymarket's frontend. Blockchain security firm PeckShield reported that approximately $3 million worth of pUSD was stolen through a phishing campaign, with the attacker bridging funds to Ethereum.","Polymarket users lost $3 million in crypto after a third-party vendor compromise.","Decentralized prediction market Polymarket has promised to fully refund users affected by a hacker attack that came to light this week. Polymarket is a cryptocurrency-based prediction market platform that enables users to trade on the likely outcomes of real-world events ranging from elections and economic indicators to sports and cultural happenings. The company has shared little information about the incident. “This morning we discovered a 3rd party vendor had been compromised, injecting a malicious script into our frontend for some users. We’ve contained it & removed the affected dependency,” Polymarket said in a Thursday post on X. It noted that impacted users will be contacted and fully refunded, but it did not clarify how many users were affected and how much cryptocurrency was stolen. Blockchain security company PeckShield reported that roughly $3 million worth of pUSD, Polymarket’s USDC-backed trading currency, was stolen via a phishing campaign. Advertisement. Scroll to continue reading. “The attacker bridged the stolen funds from Polygon to Ethereum and swapped them into ~1,893 ETH,” PeckShield said. A blockchain analyst confirmed that the losses total nearly $3 million, with funds stolen from at least 11 victims. It’s unclear who is behind the attack. SecurityWeek has reached out to Polymarket for confirmation of the amount stolen and the number of impacted users. This article will be updated if the company responds. Related: $290 Million Kelp DAO Crypto Heist Blamed on North Korea Related: CryptoBandits Malware Doubles as a Backdoor, Abuses Tor Related: Dozens of Malicious Crypto Apps Land in Apple App Store Related: International Operation Targets Multimillion-Dollar Crypto Theft Schemes Written By Eduard Kovacs Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering. Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights. More from Eduard Kovacs Cisco SD-WAN Zero-Day Exploited Months Before PatchingMicrosoft and Allies Smash Shared Infrastructure of Amadey and StealC MalwaremacOS Weaknesses Chained to Silently Disable Endpoint Security AgentsThird DraftKings Hacker Sentenced to 18 Months in PrisonHackers Exploiting Cisco Unified CM VulnerabilityDragos Unveils AI for OT Security Algerian Man Extradited to US for Running Cybercrime MarketplacesTrump Signs Executive Order Accelerating Post-Quantum Cryptography Migration Latest News Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian TargetsFirst-Ever Exploitation of PTC Windchill Vulnerability Discovered in the WildNew Enterprise-Ready MCP Specification Brings New Security ChallengesPhilip Martin Joins Uber as Chief Information Security OfficerRunlayer Raises $30 Million in Series A FundingCal Water Says No OT Systems Breached in Iranian Handala CyberattackLantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat WarningGitLab Patches Code Execution, Information Disclosure Vulnerabilities Trending Daily Briefing NewsletterSubscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Why Email Security Keeps Failing (And What Has to Change) July 8, 2026 Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more. Register Virtual Event: 2026 Cloud Security Summit July 16, 2026 This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments. Register People on the MovePhilip Martin has joined Uber as Chief Information Security Officer.Fable Security has appointed Jacob Berry as Chief Information Security Officer.iCOUNTER has named Ali Waezzadah as Chief Information Security Officer.More People On The MoveExpert Insights When Information Becomes the Attack Surface – Understanding AI Agent Traps From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI. (Etay Maor) What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage. (Torsten George) No Exploits Required Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures. (Tod Beardsley) After AI Reaches Production: 12 Ways Security Teams Can Take Control Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production. (Joshua Goldfarb) Everybody Is Vibe Coding But Nobody Told the Security Team AI-driven development is not something organizations can or should block. But it must be governed. (Danelle Au) Flipboard Reddit Whatsapp Whatsapp Email","https:\u002F\u002Fwww.securityweek.com\u002F3-million-reportedly-stolen-in-polymarket-hack\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2026\u002F06\u002FPolymarket.webp","2026-06-26T09:47:35+00:00","2026-06-26T10:00:18.135848+00:00",7,[18,21,23,25],{"name":19,"type":20},"pUSD","product",{"name":22,"type":20},"Polygon",{"name":24,"type":20},"Ethereum",{"name":26,"type":27},"PeckShield","vendor","2e06f76c-d5b9-4f54-9eef-4d3447b10730",{"id":28,"icon":30,"name":31,"slug":32},null,"Breaches","breaches",[34,39,41,46],{"category":35},{"id":36,"icon":30,"name":37,"slug":38},"26b0b636-0e31-4db1-bffb-61bdf9f20a58","Supply Chain","supply-chain",{"category":40},{"id":28,"icon":30,"name":31,"slug":32},{"category":42},{"id":43,"icon":30,"name":44,"slug":45},"89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5","Malware","malware",{"category":47},{"id":48,"icon":30,"name":49,"slug":50},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[52],{"type":45,"value":53,"context":54},"malicious script","Injected into Polymarket's frontend via a compromised third-party vendor."]