This week’s iGaming story is equal parts scale and scrutiny. North America continues to set the pace—Ontario’s licensed market numbers underline how big regulated iGaming can get, while U.S. sports wagering is gearing up for another record Super Bowl cycle. At the same time, operators are sharpening integrity and brand-protection policies as betting volume rises, and prediction markets remain a growing competitive wildcard that’s forcing both regulators and sportsbooks to define new boundaries quickly.
Trends & Analytics
BetMGM posts strong 2025 momentum and projects profitable growth in 2026. The operator forecast $3.1B–$3.2B net revenue and $300M–$350M adjusted core profit for 2026 after iGaming and online sports betting growth in 2025. Source: Reuters
Ontario closes 2025 with a massive licensed-market performance snapshot. iGaming Ontario’s newly published 2025 picture showed nearly $100B in wagering activity and roughly $4B in (pre-tax) gross gaming revenue across casino, betting, and peer-to-peer poker. Source: Canadian Gaming Business
BetMGM formalizes a tougher integrity stance to curb bettor-to-athlete abuse. The operator updated its terms to explicitly ban harassment of athletes/coaches and suspend accounts tied to abuse—an integrity and brand-risk play as betting scale rises. Source: Reuters
Americans expected to bet a record $1.76B legally on the Super Bowl, AGA says.
AGA’s projection signals continued growth in legal sports betting adoption and major-event handle expansion. Source: Reuters — Americans expected to bet $1.76 billion on Super Bowl, AGA says
ACR Poker boosts online satellites into a live-series main event (Uruguay), reinforcing hybrid acquisition tactics. The operator promoted online qualification paths into a $700K GTD main event—an example of how poker brands keep using live events to drive online conversion and retention. Source: PR Newswire
Law & Regulation
New York AG issues consumer + industry alert on sports betting and prediction markets. Attorney General Letitia James warned New Yorkers about risks and highlighted potential liability tied to promotion of unlicensed wagering products. Source: New York State Office of the Attorney General — Consumer Alert and Industry Alert (Feb 2, 2026)
Indiana House approves a sweepstakes gaming ban bill, sending it to the Senate.
The vote signals accelerating state-level pressure on dual-currency sweepstakes-style casino models. Source: SBC Americas — Indiana Senate to consider sweeps ban after House approval
South Carolina and South Dakota line up hearings and proposals for online sports betting. A legislative roundup shows multiple states reopening mobile wagering debates early in the 2026 sessions. Source: iGaming Business — Legislative roundup: SC, SD lawmakers look to discuss online sports betting
Nevada moves against Coinbase over sports “event contracts,” alleging unlicensed sports betting. Nevada’s enforcement action escalates the state-by-state clash over whether prediction-market contracts qualify as regulated wagering. Source: Investors.com — Nevada sues Coinbase over sports contracts
CFTC signals shift toward clearer federal rules for prediction markets. The federal posture (and potential rollback of prior guidance) could reshape how sports-related event contracts are treated across jurisdictions. Source: Axios — Prediction markets to get new federal rules, CFTC chair says
Hacks & Data Breaches
CISA flags a critical SolarWinds Web Help Desk RCE as actively exploited.
If used in IT/helpdesk workflows, exploitation can lead to credential exposure and lateral movement into privileged systems.
Source: BleepingComputer — CISA flags critical SolarWinds RCE flaw as actively exploited
Ivanti warns of two EPMM flaws exploited as zero-days.
Mobile device management weaknesses can translate into account takeover, device control, and access to corporate apps.
Source: BleepingComputer — Ivanti warns of two EPMM flaws exploited in zero-day attacks
Canada Computers confirms online checkout breach exposing personal + card data.
The incident highlights how guest-checkout flows and web commerce stacks can leak payment information—relevant to iGaming cashier UX risk.
Source: TechRadar — Canada Computers confirms data breach
Step Finance reports major treasury wallet compromise, tying it to compromised executive devices.
Key-management and endpoint compromise remains a high-impact risk for any crypto-adjacent payment or treasury workflow.
Source: BleepingComputer — Step Finance says compromised execs’ devices led to $40M crypto theft
Singapore CSA issues alert on an Office vulnerability after emergency updates.
Out-of-band patching underscores ongoing risk from document-based exploitation paths commonly used for initial access.
Source: Cyber Security Agency of Singapore — High Severity Vulnerability in Microsoft Office (Jan 28, 2026)
Final Words
2026 momentum is strong, but the winners will be the ones who treat regulation, integrity, and security as part of growth—not afterthoughts. With actively exploited vulnerabilities and real-world breaches continuing to hit payment and support ecosystems, the gap between “compliant” and “resilient” keeps widening. If you want a practical view of where attackers can pivot in your environment—front-end/APIs, cashier and payments flows, admin panels, affiliate tooling, and third-party access—ONSEC can help with iGaming-focused penetration testing and a prioritized remediation plan your engineering team can execute fast. Disclaimer: This newsletter is for informational purposes only and does not constitute legal advice.
Leave a comment