PANews reported on April 29th that, according to a disclosure by Dark Web Informer on the X platform, the decentralized prediction market platform Polymarket has been suspected of being compromised, with over 300,000 records and an exploit kit leaked to a cybercrime forum. The attackers claim the data was obtained through undocumented API endpoints, pagination bypasses, and CORS misconfigurations, with the extraction date being April 27, 2026. The leaked data includes approximately 10,000 user personal identification information entries, 41,000 comments, 485,000 market metadata entries, 250,000 active CLOB markets, and 292 event submitter/resolver addresses. The attackers also provided proof-of-concept code for several vulnerabilities, including CVE-2025-62718 (CVSS 9.9), CORS misconfiguration, and CVE-2024-51479 (CVSS 7.5). The attackers claim that Polymarket does not have a bug bounty program and did not notify the platform beforehand.