Meta Paid Out Million via Bug Bounty Program in 2025

Meta Paid Out $4 Million via Bug Bounty Program in 2025

Posted on By CWS

Meta has paid out $4 million via its bug bounty program in 2025, which brings the whole awarded by the social media large because the creation of this system to greater than $25 million. 

Meta has obtained roughly 13,000 vulnerability experiences this 12 months and 800 of them have been rewarded. 

Three experiences have been highlighted by the corporate. One referred to CVE-2025-59489, a Unity vulnerability that prompted motion from each Microsoft and Steam. Within the case of Meta, it might have allowed malicious functions put in on Quest VR headsets to govern Unity functions and execute arbitrary code.

One other report highlighted by Meta was submitted by researchers from the College of Vienna, who described a technique for enumerating WhatsApp accounts at scale. 

The researchers used open supply instruments to generate potential cellphone numbers, verified whether or not they’re related to WhatsApp accounts, and compiled publicly accessible info.

One other bug report concentrating on WhatsApp got here from a Meta analyst, who discovered an incomplete validation difficulty that might have been exploited to set off the processing of content material from an arbitrary URL on a consumer’s system.

The corporate says WhatsApp purchasers and server infrastructure are essential targets, but it surely’s not straightforward to seek out vulnerabilities. In response to suggestions from researchers, Meta has determined to create a software that ought to make it simpler to analysis WhatsApp-specific applied sciences. 

This software, referred to as WhatsApp Analysis Proxy, is designed for analyzing the messaging utility’s community protocol. The software is at the moment solely out there to some long-time bug bounty hunters. Extra researchers will later be invited to check the software, and the final word purpose is to make it out there to everybody. Commercial. Scroll to proceed studying.

Associated: Apple Bug Bounty Replace: High Payout $2 Million, $35 Million Paid to Date

Associated: Google Paid Out $12 Million through Bug Bounty Applications in 2024

Associated: Google Gives As much as $20,000 in New AI Bug Bounty Program

Associated: Microsoft Boosts .NET Bounty Program Rewards to $40,000

Security Week News Tags:, , , , ,

Related Posts

Hackers Steal Sensitive Data From Auction House Sotheby’s Hackers Steal Sensitive Data From Auction House Sotheby’s Security Week News
CrowdStrike to Acquire Onum to Fuel Falcon Next-Gen SIEM With Real-Time Telemetry CrowdStrike to Acquire Onum to Fuel Falcon Next-Gen SIEM With Real-Time Telemetry Security Week News
WormGPT 4 and KawaiiGPT: New Dark LLMs Boost Cybercrime Automation WormGPT 4 and KawaiiGPT: New Dark LLMs Boost Cybercrime Automation Security Week News
Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment Security Week News
Chipmaker Patch Tuesday: Over 60 Vulnerabilities Patched by Intel Chipmaker Patch Tuesday: Over 60 Vulnerabilities Patched by Intel Security Week News
‘MadeYouReset’ HTTP2 Vulnerability Enables Massive DDoS Attacks ‘MadeYouReset’ HTTP2 Vulnerability Enables Massive DDoS Attacks Security Week News