HomeIntelligenceBrief
BREACH BRIEF🟠 High Breach

Third-Party Vendor Compromise Fuels $2.94M Crypto Theft on Polymarket Platform

Polymarket disclosed that a breach of a third‑party vendor injected malicious code into its frontend, resulting in the theft of roughly $2.94 million in PUSD from multiple user wallets. The incident underscores the importance of SOC 2 vendor‑management controls and continuous monitoring for audit readiness.

LiveThreat™ Intelligence · 📅 June 26, 2026· 📰 securityaffairs.com
🟠
Severity
High
BR
Type
Breach
🎯
Confidence
High
🏢
Affected
1 sector(s)
Actions
2 recommended
📰
Source
securityaffairs.com

Third-Party Vendor Compromise Fuels $2.94M Crypto Theft on Polymarket Platform

What Happened — Attackers compromised a third‑party vendor that supplied a frontend dependency for Polymarket, injected malicious script, and drained roughly $2.94 million in PUSD from at least 11 user wallets. Polymarket has contained the code, removed the affected dependency, and pledged full reimbursement to affected users.

Why It Matters for Compliance & Audit Readiness

  • Demonstrates the need for SOC 2 vendor‑management controls and continuous monitoring of third‑party components.
  • Highlights the importance of maintaining auditable evidence of due‑diligence and supply‑chain risk assessments.
  • Shows how a single supply‑chain gap can trigger a material loss that must be documented for incident‑response and audit reporting.

Who Is Affected — Crypto‑focused SaaS platforms, DeFi marketplaces, and any fintech service that relies on external UI libraries or CDN providers.

Recommended Actions — Review and tighten third‑party risk management policies, map vendor‑assessment controls to SOC 2 CC6.1, implement continuous monitoring of dependencies, and retain forensic evidence of the breach for audit purposes. Source: SecurityAffairs

Technical Notes — Attack vector: malicious script injected via a compromised third‑party frontend dependency (supply‑chain attack). No CVE disclosed. Stolen assets: PUSD swapped for ETH and bridged to Ethereum. Source: same article

📰 Original Source
https://securityaffairs.com/194266/security/third-party-breach-at-polymarket-leads-to-2-94m-crypto-theft.html

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Vendor Risk Hub

Point-in-time vendor reviews miss incidents like this.

Verisq AI Trust Operations replaces the annual questionnaire with continuous third-party monitoring — so vendor exposure becomes audit evidence, not a once-a-year guess.

See how Verisq AI Trust Operations works →