Gate News message, April 29 — Decentralized prediction market platform Polymarket appears to have suffered a data breach, with threat actor xorcat releasing over 300,000 data records and accompanying exploit tools on a known cybercriminal forum. According to reports, attackers exploited undisclosed API endpoints, pagination bypasses, and CORS misconfigurations in Polymarket’s Gamma and CLOB APIs to extract the data.
The leaked data includes complete personal information for 10,000 users (names, proxy wallets, and base addresses), 4,111 comments, 1,000 report records (containing 58 ETH addresses and admin authentication identifiers), 48,536 Gamma market metadata entries, over 250,000 active CLOB market automated market maker addresses, and 9,000 follower social graph data points.
The exploit toolkit contains proof-of-concept code for multiple vulnerabilities: CVE-2025-62718 (Axios NO_PROXY bypass, CVSS 9.9, enabling server-side request forgery), CVE-2024-51479 (Next.js middleware authentication bypass, CVSS 7.5), and CORS misconfigurations. The package also includes automated data extraction scripts and a complete red team assessment report.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Prediction Market ETF Set to Launch Next Week, Focused on U.S. Congressional Election Outcomes
Gate News message, April 29 — Roundhill's prediction market ETF is expected to launch next week (May 5), according to Bloomberg ETF analyst James Seyffart. The firm has submitted its application, with an effective date set for May 5.
The inaugural prediction market ETF will track outcomes of U.S. c
GateNews13m ago
The CFTC sues Wisconsin; files lawsuits against five states in a single month to defend jurisdiction over prediction markets
According to a report by The Block, on April 28 the U.S. Commodity Futures Trading Commission (CFTC) filed a lawsuit with the U.S. District Court for the Eastern District of Wisconsin, making it the fifth state in the past month that the CFTC has sued over issues of jurisdiction over prediction markets. The CFTC’s complaint argues that it has “exclusive jurisdiction” over prediction markets, saying Wisconsin is trying to label markets subject to federal oversight as criminal, undermining the federal regulatory system designed by Congress.
MarketWhisper1h ago
Gate Daily Report (April 29): Prediction market ETF is expected to launch next week; Trading Protocol treasury was attacked
Bitcoin (BTC) continued its soft trading posture, with it temporarily trading around $76,250 as of April 29. A Bloomberg ETF analyst posted that the market is expected to roll out the ETF next week. According to PeckShield monitoring, a suspected Trading Protocol YieldCore-3rd-deal treasury was attacked, resulting in losses of about $398k.
MarketWhisper1h ago
Low-Probability Account Bets $70K on Knicks to Beat Hawks in NBA Playoff Game 5 on Polymarket
Gate News message, April 29 — On Polymarket's prediction market for NBA Eastern Conference First Round Game 5 between the Knicks and Hawks, an account with a 35% win rate (0xe5b70fd855af9258d9463992e4f1ed7987905ee3) purchased approximately $70,000 in contracts betting on a Knicks victory. The accoun
GateNews3h ago
Polymarket in CFTC talks to return main exchange to U.S.
Polymarket is exploring a path to bring its main exchange back to the United States through discussions with the Commodity Futures Trading Commission (CFTC), according to Bloomberg reporting from April 28, 2026. The company is seeking to lift a ban on U.S. customers that was imposed following a 2022
CryptoFrontier4h ago
Polymarket in Talks with CFTC to Bring Main Exchange Back to U.S.
Gate News message, April 28 — Polymarket is exploring a path to bring its main exchange back to the United States through discussions with the Commodity Futures Trading Commission (CFTC), according to Bloomberg.
The prediction market platform re-entered the U.S. market last year after acquiring QCE
GateNews12h ago
