- Meta launches WhatsApp Research Proxy to facilitate bug bounty investigations on WhatsApp protocols
- Specialized research pilot expands to include abuse issues with technical support and tools
- In 2025, Meta validated around 800 reports, paying $4 million to fix critical bugs.
Meta has introduced new tools to help cybersecurity researchers find bugs in WhatsApp.
In a new blog post discussing the success of its Bug Bounty program over the past 15 years, Meta said researchers asked for a product that would help them better study WhatsApp-specific technologies, and in response, they created WhatsApp Research Proxy.
Describing it as a “tool that makes researching WhatsApp’s network protocol more efficient”, Meta said it will be available to “some of our long-time bug bounty researchers”, who will not only use the tool but also provide feedback to help improve it. More researchers will be invited to test the tool over time, Meta added, emphasizing that the goal is to make the tool public in the future. However, no specific date was mentioned.
Expansion of bug bounty programs
Meta also announced that it would expand its specialized research pilot project. Earlier this year, the company launched a pilot project aimed at accelerating collaboration in particular areas, but only with researchers with proven qualifications.
Meta now seeks to expand this partnership by encouraging research “beyond traditional security vulnerabilities.”
As part of this expansion, Meta is now inviting research teams to focus on abuse issues with dedicated in-house engineering support and tools, all with the goal of lowering the barrier of entry for academics and other researchers who may not be as familiar with bug bounty programs.
The company that owns Facebook, Instagram, WhatsApp and a few other platforms said it received around 13,000 submissions to its bug bounty program in 2025. It validated nearly 800 reports, for which it made cumulative payments of more than $4 million.
Some of the worst bugs fixed through the program include a method allowing mass enumeration of WhatsApp accounts, an incomplete validation issue, and various arbitrary code execution bugs.
Via Hacker news
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
