This morning we discovered a 3rd party vendor had been compromised, injecting a malicious script into our frontend for some users. We've contained it & removed the affected dependency. We're contacting impacted users & refunding them in full.
@Polymarket There is a vulnerability on your website that could allow attackers to drain user funds. How can I report it, and do you have a bug bounty program?
@Polymarket There is a vulnerability on your website that could allow attackers to drain user funds. How can I report it, and do you have a bug bounty program?