Meta Paid Out Million via Bug Bounty Program in 2025

Meta Paid Out $4 Million via Bug Bounty Program in 2025

Posted on By CWS

Meta has paid out $4 million via its bug bounty program in 2025, which brings the whole awarded by the social media large because the creation of this system to greater than $25 million. 

Meta has obtained roughly 13,000 vulnerability experiences this 12 months and 800 of them have been rewarded. 

Three experiences have been highlighted by the corporate. One referred to CVE-2025-59489, a Unity vulnerability that prompted motion from each Microsoft and Steam. Within the case of Meta, it might have allowed malicious functions put in on Quest VR headsets to govern Unity functions and execute arbitrary code.

One other report highlighted by Meta was submitted by researchers from the College of Vienna, who described a technique for enumerating WhatsApp accounts at scale. 

The researchers used open supply instruments to generate potential cellphone numbers, verified whether or not they’re related to WhatsApp accounts, and compiled publicly accessible info.

One other bug report concentrating on WhatsApp got here from a Meta analyst, who discovered an incomplete validation difficulty that might have been exploited to set off the processing of content material from an arbitrary URL on a consumer’s system.

The corporate says WhatsApp purchasers and server infrastructure are essential targets, but it surely’s not straightforward to seek out vulnerabilities. In response to suggestions from researchers, Meta has determined to create a software that ought to make it simpler to analysis WhatsApp-specific applied sciences. 

This software, referred to as WhatsApp Analysis Proxy, is designed for analyzing the messaging utility’s community protocol. The software is at the moment solely out there to some long-time bug bounty hunters. Extra researchers will later be invited to check the software, and the final word purpose is to make it out there to everybody. Commercial. Scroll to proceed studying.

Associated: Apple Bug Bounty Replace: High Payout $2 Million, $35 Million Paid to Date

Associated: Google Paid Out $12 Million through Bug Bounty Applications in 2024

Associated: Google Gives As much as $20,000 in New AI Bug Bounty Program

Associated: Microsoft Boosts .NET Bounty Program Rewards to $40,000

Security Week News Tags:, , , , ,

Related Posts

Scattered Spider Activity Drops Following Arrests, but Others Adopting Group’s Tactics Scattered Spider Activity Drops Following Arrests, but Others Adopting Group’s Tactics Security Week News
‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics ‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics Security Week News
British Man Suspected of Being the Hacker IntelBroker Arrested, Charged British Man Suspected of Being the Hacker IntelBroker Arrested, Charged Security Week News
Critical Security Flaw in BeyondTrust Products Patched Critical Security Flaw in BeyondTrust Products Patched Security Week News
Widespread Keenadu Malware Threatening Android Devices Widespread Keenadu Malware Threatening Android Devices Security Week News
Phishers Abuse SharePoint in New Campaign Targeting Energy Sector Phishers Abuse SharePoint in New Campaign Targeting Energy Sector Security Week News