Gate News message, April 29 — Decentralized prediction market platform Polymarket appears to have suffered a data breach, with threat actor xorcat releasing over 300,000 data records and accompanying exploit tools on a known cybercriminal forum. According to reports, attackers exploited undisclosed API endpoints, pagination bypasses, and CORS misconfigurations in Polymarket’s Gamma and CLOB APIs to extract the data.
The leaked data includes complete personal information for 10,000 users (names, proxy wallets, and base addresses), 4,111 comments, 1,000 report records (containing 58 ETH addresses and admin authentication identifiers), 48,536 Gamma market metadata entries, over 250,000 active CLOB market automated market maker addresses, and 9,000 follower social graph data points.
The exploit toolkit contains proof-of-concept code for multiple vulnerabilities: CVE-2025-62718 (Axios NO_PROXY bypass, CVSS 9.9, enabling server-side request forgery), CVE-2024-51479 (Next.js middleware authentication bypass, CVSS 7.5), and CORS misconfigurations. The package also includes automated data extraction scripts and a complete red team assessment report.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Polymarket Prediction on Powell's April Press Conference Saying 'Good Afternoon' Reaches 98.3% Probability
Gate News message, April 29 — On Polymarket, a prediction market event regarding what Federal Reserve Chair Jerome Powell will say at his April press conference shows the "Good Afternoon" option has reached a 98.3% probability, with trading volume for this event totaling $57,749 as the settlement pr
GateNews9m ago
Polymarket denies allegations of a leak of 300k records, saying its API data is publicly available and auditable
According to an X post by Polymarket on April 29, the cybersecurity account Dark Web Informer claimed that the decentralized prediction market platform Polymarket was hacked, with more than 300k records and an exploit tool kit leaked to online criminal forums; Polymarket immediately denied this on X, saying that all on-chain data is publicly available and can be audited.
MarketWhisper36m ago
Polymarket upgrade completed: new trading engine is live, $1M liquidity incentives
Polymarket completes the CLOB v2 exchange upgrade, with an announcement at 4/28 12:06. On the same day, maintenance was started at 11:02, trading was paused, and the order book was cleared; after about 64 minutes, order intake resumed and trading was reopened. The upgrade released a $1,000,000 liquidity reward: $500,000 for the first 2 hours, and the remaining $500,000 for the rest of the session. The core is a complete exchange overhaul—rebuilding the trading engine and contracts, and converting collateral assets to pUSD. Next, we will observe whether pUSD becomes the default collateral and how it is retained by market makers.
ChainNewsAbmedia1h ago
Bitcoin ETF Outflows Hit $89.68M, Ethereum ETF Down $21.8M; Saylor Eyes $10M Per BTC
Gate News message, April 29 — Bitcoin spot ETFs recorded net outflows of $89.68 million yesterday (April 28), with BlackRock's IBIT leading losses at $112 million. Ethereum spot ETFs saw net outflows of $21.8 million, with BlackRock's ETHA accounting for $13.17 million of the decline.
Meanwhile, Mi
GateNews1h ago
Prediction Market ETF Set to Launch Next Week, Focused on U.S. Congressional Election Outcomes
Gate News message, April 29 — Roundhill's prediction market ETF is expected to launch next week (May 5), according to Bloomberg ETF analyst James Seyffart. The firm has submitted its application, with an effective date set for May 5.
The inaugural prediction market ETF will track outcomes of U.S. c
GateNews2h ago
The CFTC sues Wisconsin; files lawsuits against five states in a single month to defend jurisdiction over prediction markets
According to a report by The Block, on April 28 the U.S. Commodity Futures Trading Commission (CFTC) filed a lawsuit with the U.S. District Court for the Eastern District of Wisconsin, making it the fifth state in the past month that the CFTC has sued over issues of jurisdiction over prediction markets. The CFTC’s complaint argues that it has “exclusive jurisdiction” over prediction markets, saying Wisconsin is trying to label markets subject to federal oversight as criminal, undermining the federal regulatory system designed by Congress.
MarketWhisper3h ago
