Polygon is a organization tracked across 18 threat clusters and 49 intelligence report mentions on ThreatCluster. First observed November 3, 2025; most recent activity July 16, 2026.
In 2025, cryptocurrency thefts have surged significantly, with over $2 billion stolen in just the first half of the year, marking a 17.27% increase compared to 2022. The ByBit hack, attributed to North Korean state…
A Russian threat actor known as UAT-11795 has been deploying the Starland RAT and WLDR agent since June 2025, primarily targeting users in the U.S., Germany, Romania, and Venezuela. The group uses trojanized installers…
In June 2026, the crypto sector faced 40 major hacking incidents, leading to losses of $75.87 million. The SecondFi wallet, part of the Cardano ecosystem, was notably compromised, with attackers transferring…
In July 2026, a ClickFix campaign was discovered on the Artlist subdomain new-blog.artlist[.]io, where attackers injected malicious code that masqueraded as a CAPTCHA to install a Remote Access Trojan (RAT). The attack…
On June 25, 2026, Polymarket confirmed a security breach that led to the theft of approximately $3 million from fewer than 15 user accounts. The attack was executed through a compromised third-party vendor, which…
Decentralized finance (DeFi) has seen a significant reduction in losses, dropping from $2.62 billion in 2022 to $534 million by 2024. However, new vulnerabilities have emerged, particularly in cross-chain deployments,…
Aleksei Volkov, a 26-year-old Russian citizen, was sentenced to 81 months in prison for his role as an initial access broker (IAB) facilitating ransomware attacks against U.S. companies, including the Yanluowang group.…
On May 22, 2026, Polymarket experienced a security incident resulting in over $520,000 drained from its UMA Conditional Token Framework (CTF) Adapter on the Polygon network. Blockchain investigator ZachXBT flagged…
Polymarket has reported a security incident involving a private key leak from an internal operational wallet. The leak has resulted in the draining of over $520,000 from the Polymarket UMA CTF Adapter contract on the…
The Aeternum botnet loader has been identified as using Polygon smart contracts for its command-and-control (C2) operations, moving away from traditional centralized servers. This shift complicates efforts by…