[ligmaboi]

For anyone with a whatsapp acct the lack of rate limiting on API endpoints has basically created a searchable database of global phone numbers. apparently the contact discovery mechanism can be mass queried to find user data including: phone number, public keys, timestamps, and, if its public also shows about text and the profile picture.

https://techxplore.com/news/2025-11-whatsapp-vulnerability.html