PANews June 26 news, according to Decrypt, prediction market platform Polymarket had malicious code injected into its website frontend due to a third-party supplier breach, resulting in approximately 15 user accounts being drained of about $3 million in funds. Polymarket said the issue has been resolved and affected users will be fully compensated, but did not disclose the specific supplier involved. The stolen funds were originally pUSD, the platform’s dedicated U.S. dollar-pegged stablecoin, which the attacker converted to ETH and consolidated into a single wallet address.

This attack marks Polymarket’s second security incident in nearly two months. Last month, a wallet used by an employee for top-ups and paying user rewards was drained of about $700,000 due to a private key leak.