News linked to both this project and an event.
According to Dark Web Informer, the decentralized prediction market platform Polymarket is suspected of having been hacked. The threat actor “xorcat” posted over 300,000 data records and a corresponding exploit toolkit on a well-known cybercrime forum. The data extraction occurred on April 27, 2026. Reportedly, the attacker extracted data via an undisclosed API endpoint, pagination bypasses, and misconfigured CORS settings in Polymarket Gamma and the CLOB API. The leaked data includes: - Full personal information for 10,000 users (including names, proxy wallets, and base addresses); - 4,111 comments; - 1,000 moderation reports (including 58 ETH addresses and administrator authentication address identifiers); - Metadata for 48,536 Gamma markets; - Constant-product market maker addresses for over 250,000 active CLOB markets; and - Social graph data for 9,000 followers. The toolkit contains proof-of-concept code for multiple vulnerabilities, including CVE-2025-62718 (Axios NO_PROXY bypass, CVSS 9.9, enabling server-side request forgery), CVE-2024-51479 (Next.js middleware authentication bypass, CVSS 7.5), and the aforementioned CORS misconfigurations. Additionally, the toolkit includes automated continuous data-extraction scripts and a comprehensive red-team report (including M
Odaily Seer Channel monitoring shows that Polymarket has launched a new market: "When will the next cryptocurrency hack exceeding $100 million in losses occur". This market primarily references the Rekt News leaderboard as the adjudication source, and can also use publicly recognized reliable reports as a basis. Currently, this prediction market has set four time nodes: April 30, June 30, September 30, and December 31.The event contract rules are: This is a market regarding whether any crypto project or exchange suffers an attack or hack valued at a minimum of $100 million equivalent between the market creation and 11:59 PM Eastern Time on the date specified in the title. Otherwise, this market will ultimately resolve to "No". Hacks on decentralized exchanges and lending protocols will be counted.Odaily Seer Channel continues to monitor prediction markets, seeing changes before they are priced in.
According to on-chain analyst Yujin (@EmberCN), ZRO—the native token of LayerZero, the cross-chain bridge exploited by hackers in today’s rsETH vulnerability incident—fell 18% on the day, dropping from $1.90 to $1.50. Twenty minutes ago, a Polymarket user with the address “greenrooibos” deposited 978,000 ZRO tokens to Binance, valued at approximately $1.57 million. These ZRO tokens were withdrawn from Binance two weeks ago, when they were worth roughly $2.04 million; this deposit thus corresponds to a loss of approximately $470,000.
According to on-chain analyst Yujin (@EmberCN), after the hacker borrowed a large amount of ETH from Aave by pledging illegally minted rsETH, multiple whale addresses sold AAVE on-chain, causing AAVE’s price to drop 15% that day. Among them, the Polymarket user “smaugvision” sold 20,015 AAVE at an average price of $102.9, worth approximately $2.06 million; address 0xFC5 sold 20,000 AAVE at an average price of $102.8, worth approximately $2.05 million; and address 0xA2E sold 19,665 AAVE at an average price of $99.2, worth approximately $1.95 million.