Meta’s Bug Bounty Bonanza: $4 Million in Payouts and New Tools for WhatsApp Sleuths!
Meta’s bug bounty program shelled out $4 million in 2025, topping $25 million total since inception. A notable bug could let malicious apps on Quest VR headsets wreak havoc, while another exposed WhatsApp account vulnerabilities. Meta’s new WhatsApp Research Proxy tool aims to help researchers crack WhatsApp’s mysterious code.
Hot Take:
Meta’s bug bounty program is like the Willy Wonka of cybersecurity. You never know when you’ll find a golden ticket worth thousands of dollars or just a piece of code that does nothing but taste like disappointment. But hey, at least they’re giving away $4 million worth of candy this year! That’s a lot of Oompa Loompas’ salaries combined. What’s next, a chocolate-themed headset?
Key Points:
– Meta has dished out $4 million in bug bounties in 2025, reaching a grand total of $25 million since the program’s inception.
– Around 13,000 vulnerability reports were submitted this year, with 800 earning payouts.
– A significant vulnerability involved CVE-2025-59489, affecting Unity applications on Quest VR headsets.
– Researchers from the University of Vienna found a method to enumerate WhatsApp accounts at scale.
– Meta is developing WhatsApp Research Proxy to aid in researching WhatsApp-specific technologies.