Polymarket says it will fully reimburse customers who lost an estimated $3 million after hackers injected a malicious script into the platform’s frontend following a breach at a third-party vendor.

The company states in a brief announcement that the hack was the result of a supply-chain attack that impacted a dependency on its website.

Polymarket is one of the world’s largest cryptocurrency-based prediction markets that allows users to trade contracts with prices that reflect the market’s collective estimate of an event’s outcome.

It offers predictions for sports, economic indicators, weather patterns, awards, political and legislative outcomes, and even military conflicts.

Founded in 2020, the platform is currently valued at $9 billion, handles billions of dollars in trading volume, and serves as an influential source of information on market expectations.

During the attack, unsuspecting users were tricked into approving fraudulent transactions on the official Polymarket website after malicious JavaScript was injected through a frontend vendor.

Polymarket’s own servers and backend infrastructure were not impacted by the incident.

The company did not share many details about the event, but independent blockchain intelligence firms estimate the losses at roughly $3 million, stolen from a small number of accounts.

According to blockchain security firm PeckShield, the incident was a phishing campaign that stole approximately $3 million worth of ParyonUSD from users. The stolen funds were later swapped for 1,893 Ether.

“The attacker bridged the stolen funds from #Polygon to #Ethereum and swapped them into ~1,893 $ETH,” PeckShield says.

Based on visual analytics company Bubblemaps, the incident has impacted less than 15 accounts. The company published a list of some of the affected accounts as well as the wallets holding the stolen funds.

BleepingComputer has contacted Polymarket to request more details about the incident, but we have not received a response by publication time.

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

security

Researchers warn many AI coding assistants now execute commands from project configurations

A high-severity flaw in Amazon’s AI coding assistant for Visual Studio Code meant that opening the wrong Git repository could allow an attacker to execute code on a developer’s machine and potentially hand them the keys to the dev’s cloud environment.

The bug, tracked as CVE-2026-12957 and assigned a CVSS 4.0 score of 8.5, centers on how Amazon Q handled Model Context Protocol (MCP) server configurations. Wiz found the extension would automatically load a repository’s .amazonq/mcp.json file and execute the commands it contained when a developer opened the project and activated Amazon Q.

“The security model assumes the user explicitly configures these servers. After all, you’re granting an AI assistant permission to run arbitrary commands on your machine. This should require informed consent,” the researchers write. “The vulnerability arose when this assumption was violated: Amazon Q automatically loaded MCP configurations from .amazonq/mcp.json within the workspace – no prompt, no consent, no workspace trust check.”

MCP lets AI assistants launch local processes to carry out tasks. In Amazon Q’s case, those processes inherited the developer’s environment, giving them access to AWS credentials, API keys, authentication tokens, SSH agent sockets, and other secrets already loaded into the session.

“The combination meant that a single malicious config file could execute arbitrary commands with full access to the developer’s credentials – no user interaction required beyond opening the folder and activating Amazon Q,” Wiz said.

To prove the attack worked, Wiz built a repository with a malicious MCP configuration. Opening the project and activating Amazon Q caused the extension to execute a command against AWS using the developer’s existing credentials.

Amazon fixed the bug in version 1.65.0 of its language server, which powers Amazon Q’s IDE integrations. Existing installations should receive the patched component automatically unless you’ve blocked automatic updates.

“We would like to thank Wiz for collaborating with us on this issue. We have remediated this issue in language server version 1.65.0,” Amazon said in an advisory, though it didn’t respond to The Register’s questions. 

Wiz argues the bug is less an Amazon problem than an industry one. More and more AI coding assistants are adopting MCP to connect models to local tools and services, allowing them to execute commands on developers’ machines. 

According to the researchers, similar workspace configuration flaws have recently surfaced in other AI coding tools. It suggests attackers have found a new place to lurk: the hidden files that developers rarely think twice about trusting. ®

Nvidia has dominated the AI chip market for years, but the era of total dependence might be ending.  

OpenAI just shared its plans to spice things up with Jalapeño, its custom inference chip built with Broadcom, joining Google, Apple, and SpaceX in a growing list of companies building their way out of single-supplier risk. The goal is less of a clean break and more of a hedge. Custom silicon means more control, hardware tuned to specific needs, and the kind of performance gains Apple unlocked when it ditched Intel. 

On this episode of TechCrunch’s Equity podcast, hosts Kirsten Korosec, Anthony Ha, and Sean O’Kane dig into what the custom chip trend means for the industry and a few deals of the week worth watching. 

Subscribe to Equity on YouTube, Apple Podcasts, Overcast, Spotify and all the casts. You also can follow Equity on X and Threads, at @EquityPod. 

This will impact Home Assistant users and those who rely on similar third-party tools.

The announcement comes amid a race between organisations to build semiconductors that can handle increasingly demanding AI workloads.

Multinational technology giant IBM has announced the creation of what it claims is the world’s first ​technology capable of producing chips smaller than one nanometre.  

According to IBM, the chip has a transistor architecture of 0.7 nanometres and can hold nearly 100bn transistors on a “fingernail”-sized surface, achieving roughly double the density of its 2-nanometre chip unveiled in ​2021. 

In order to create the chip, IBM reportedly developed a new transistor design called a nanostack, which lays transistors on top of each other in three dimensions, rather than the standard method of laying them flat, effectively fitting more into the same amount of available space.  

Commenting on the achievement, Jay Gambetta, a director of IBM Research, said, “With our new nanostack architecture, we’re not just making smaller transistors, we’re reinventing how chips are built to deliver ​dramatically more power and ​energy efficiency.”

According to IBM, the new nanostack technology will also be capable of shrinking a type of memory circuit called SRAM by 40pc when compared to its previous chip technology. Production is expected to begin within the next five years and the organisation has yet to name a manufacturing partner for this technology, if there is one. 

IBM’s announcement comes at a time when many organisations all over the globe are racing to become the most prominent name in the manufacturing of advanced chip technology and artificial intelligence. 

In late May, leading chipmakers Micron and SK Hynix both surpassed $1trn in market value. Global semiconductor company Infineon Technologies announced earlier in June that it is set to open a new €5bn chip factory in Dresden, Germany, representing Infineon’s single largest investment. Last month, Analog Devices announced it was acquiring AI power delivery provider Empower Semiconductor in a deal valued at $1.5bn.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

from the good-deals-on-cool-stuff dept

flowkey is a fun, interactive piano learning platform that helps anyone go from absolute beginner to confident player — at their own pace. It combines step-by-step courses with thousands of songs you know and love, tailored for every skill level, from first-time learners to advanced pianists. The app listens as you play and gives instant feedback so you can improve faster, practice technique, and master sheet music with confidence. Whether you’re learning scales or your first full song, flowkey makes piano practice easy, fun, and rewarding. A one year subscription is on sale for $40, two years for $60, or five years for $80.

Note: The Techdirt Deals Store is powered and curated by StackSocial. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Filed Under: daily deal

from the glorified-lapdogs dept

You might recall that one of the conditions of the FCC’s approval of The Ellison family’s $8 billion acquisition of CBS was that the agency would install a “ombudsman” at the network to ensure CBS journalism was appropriately feckless and deferential to our mad, idiot king.

This was particularly ironic given decades of whining by Republicans about stuff like the “fairness doctrine,” and other short-lived government attempts to set acceptable contours for journalistic speech. The appointment didn’t even really appear necessary, given Bari Weiss’ pretty obvious loyalty to oligarchs and autocrats like Trump and Netanyahu.

The guy they appointed, Kenneth Weinstein, unsurprisingly had no qualifications for the role. Weinstein had been the head of the faux-academic right wing Hudson Institute “think tank,” and has absolutely no experience in journalism or television whatsoever.

Similarly unsurprisingly, a new New York Times report indicates that Weinstein has largely been invisible and pointless since his appointment. He doesn’t issue statements, he doesn’t appear to help anybody dealing with internal chaos being caused by Weiss, he doesn’t respond to direct questions from politicians, and he barely shows up at the office:

“In the nine months since he was hired, Mr. Weinstein has issued no public statements about CBS News’s coverage or its controversies. He has not issued any guidance or feedback in staffwide emails or memos, three employees said. He has told some employees that he is scheduled to work only one day per month, two people said, though one said he responded to queries outside his monthly workday.”

As I predicted, there’s just not much for him to actually do at a company that’s innately so dutifully loyal to the nation’s richest assholes. The New York Times at one point seems confused by the idea this “watchdog” does do any useful watchdogging:

“As CBS News has been shaken by infighting between management and its star correspondents this year, Mr. Weinstein’s silence is being criticized by media experts. They say Paramount, the parent company of CBS News, has essentially hired a watchdog who doesn’t bark.”

Of course Weinstein wasn’t appointed to be a “watchdog” or to help the network or its employees. He was hired so that the Trump administration could be ensured a direct line to the leadership of a media company being converted into a propaganda mill, something that’s likely not even necessary due to the ample close connections between the Ellisons, CBS leadership, and the administration.

Weinstein’s other job was to simply ensure that CBS was remaining dutifully loyal to the president, a role that’s also not really necessary since folks like Bari Weiss have no integrity.

The New York Times doesn’t mention how much Weinstein is being paid for his single day of “work” a month, and how many shitcanned CBS journalist salaries it would have paid for.

Filed Under: bari weiss, cbs news, fcc, kenneth weinstein, media, ombudsman, propaganda, the hudson institute