Polymarket Third-Party Vendor Compromise Drains $2.9M from Users
A third-party vendor compromise discovered Thursday allowed attackers to inject a malicious script into Polymarket’s frontend, affecting multiple users. Blockchain analyst Specter said the malicious script appeared to facilitate a phishing attack that drained an estimated $2.94 million from at least 11 Polymarket user wallets. Polymarket said on X that the compromise has been contained…