A significant breach has occurred at Polymarket, a prominent prediction market platform, resulting in the theft of user funds. The incident is attributed to a third-party vulnerability, which was exploited by hackers to gain unauthorized access to user accounts. As a result, Polymarket has announced plans to refund affected users. The breach highlights the importance of robust security measures, particularly when dealing with third-party integrations. Details of the breach, including the specific vulnerability exploited, have not been disclosed, but the incident serves as a reminder of the ongoing threats faced by online platforms1. The impact of the breach is likely to be felt by users who had funds stolen, and the incident may also erode trust in the platform. So what matters to practitioners is that this incident underscores the need for rigorous security testing and monitoring of third-party dependencies to prevent similar breaches.