Meta is spending millions on bug bounties and security tools to boost WhatsApp security

• Meta launches WhatsApp Research Proxy to aid bug bounty investigations into WhatsApp protocols
• Specialized research pilot expands to include abuse issues with engineering support and tooling
• In 2025, Meta validated ~800 reports, paying $4M for critical bug fixes

Meta has introduced new tools to help cybersecurity researchers find bugs in WhatsApp.

In a new blog post discussing the success of its Bug Bounty program over the last 15 years, Meta said the researchers asked for a product that would help them investigate WhatsApp-specific technologies better, and in response, it built WhatsApp Research Proxy.

Describing it as a “tool that makes research into WhatsApp’s network protocol more effective”, Meta said it will be available to “some of our long-time bug bounty researchers”, who will not only use the tool, but provide feedback to help improve it. More researchers will be invited to test the tool as ...