An Abu Dhabi-based tech professional in Information Systems. I’m passionate about developing technology and supporting startups.
Abu Dhabi
Joined January 2024
- Tweets 540
- Following 173
- Followers 23
- Likes 3,551
If you want to get better at finding and bypassing SSRF, take a look at this repo:
github.com/cujanovic/SSRF-Te…
TarunBytes retweeted
A new Android banking Trojan named Herodotus is reportedly circulating as Malware-as-a-Service, disguising itself as a legitimate app to steal sensitive permissions and perform banking tasks, evading many traditional antivirus solutions. #CyberSecurity blog.pradeo.com/herodotus-a-…
TarunBytes retweeted
A suspected nation-state threat actor has been using new Airstalk malware, along with malicious PowerShell scripts, in a supply chain attack, highlighting an escalating cybersecurity risk. #Malware #CyberSecurity #Airstalk unit42.paloaltonetworks.com/…
TarunBytes retweeted
GitHub - atiilla/GeoIntel: GeoIntel using Google's Gemini API to uncover the location where photos were taken through AI-powered geo-location analysis. github.com/atiilla/GeoIntel
TarunBytes retweeted
Released JS-DOMestify — convert any JavaScript into code that uses only letters and the symbols + , . =
Try it: nowasky.github.io/JS-DOMesti…
#javascript #xss
The Official Project0 Twitter is now live : @Project0AI
World's first Zero person Company
launching s00n exclusively on @0xCapx
(all other accounts are fake)
Introducing Project Zero.
Project0 is an autonomous multi-agent AI system that executes real business tasks end-to-end using x402 protocol for payments.
Every task spawns a specialized agent in an isolated E2B sandbox.
Each agent gets:
• Full-stack dev environment
• Bash, filesystem, web search
• Claude (via VibeKit SDK)
• MCP connections to GitHub, Notion, Figma, Gmail, Calendar, Mailchimp, Reddit, LinkedIn, Context7 for technical knowledge, and Gemini Imagen for image generation.
All actions, files, and outputs are streamed live to the frontend built on Next.js and InstantDB.
Everything is stored persistently with secure HMAC sessions, access control, and rate limiting.
Leveraging x402 for payments
Project0 is now a fully autonomous ECONOMIC entity powered by the x402 protocol.
Agents can spend money.
Agents can earn money.
No human in the loop.
PROJECT0 AS A BUYER:
When agents need premium services, they autonomously pay for them:
• $0.75 → Heurist research reports
• $0.03/page → Firecrawl web scraping
• $0.02 → Gloria AI sentiment analysis
• $0.005 → Daydreams LLM inference
They discover services on x402 Bazaar, evaluate fit, and transact in <3 seconds.
PROJECT0 AS A SELLER:
Project0 is capable of monetizing its own capabilities by exposing agent services on the x402 Bazaar therefore unlocking an independent revenue stream.
• Full-Stack Web Development → $55/project
• AI Research Reports → $3.5/report
• Social Media Management → $75/campaign
Other agents discover these services, pay USDC, get completed work.
Zero human involvement.
A self-sustaining economic model:
REVENUE: Agents/developers pay Project0 for services
COSTS: Project0 pays for tools it needs
An autonomous company that:
✅ Runs itself
✅ Pays its own bills
✅ Generates its own revenue
This proves the viability of the machine-to-machine economy.
Agents aren't just tools anymore.
They're economic actors.
Buying services they need.
Selling capabilities they have.
Participating in a thriving agent-to-agent marketplace powered by x402.
The 0 person company.
Launching s00n on @0xCapx
TarunBytes retweeted
🚨 Critical BIND9 flaw puts 5,900+ DNS servers at risk.
CVE-2025-40778 (CVSS 8.6) lets attackers poison resolver caches and redirect traffic to fake sites.
A public PoC is out—patch now and lock recursion to trusted clients.
Full details ↓ thehackernews.com/2025/10/th…
#ThreatsDay
TarunBytes retweeted
🚨Alert🚨 CVE-2025-61481 (CVSS 10.0) : Critical MikroTik Flaw Exposes Router Admin Credentials Over Unencrypted HTTP WebFig. It affects RouterOS v.7.14.2 and SwitchOS v.2.18.
📊11.4M+ Services are found on the hunter.how yearly.
🔗Hunter
Link:hunter.how/list?searchValue=…
👇Query
HUNTER : product.name="MikroTik RouterOS"||product.name="MikroTik SwOS"
📰Refer:securityonline.info/critical…
svarthatt.se/cve/mikrotik-sw…
#hunterhow #infosec #infosecurity #OSINT #Vulnerability
TarunBytes retweeted
🚨 New exploit targets ChatGPT Atlas AI browser.
Researchers at LayerX found a CSRF flaw that lets attackers inject code into its persistent memory, surviving across browsers, sessions, and devices.
Once infected, even a normal chat can silently execute hidden commands.
Full report ↓ thehackernews.com/2025/10/ne…
in 2025, a solo founder can:
- build ai apps (cursor)
- do market research (okara)
- automate workflows (zapier, make)
- grow an audience (x, tiktok, linkedin)
- run email campaigns (beehiv, substack)
- accept payments globally (stripe, paypal)
- find and email leads at scale (apollo, clay)
- track key metrics (google analytics, hotjar)
this is the biggest shift since the rise of the internet.
TarunBytes retweeted
🚨🚨CVE-2025-55315 (CVSS: 9.9) : ASP.NET Kestrel HTTP Request and Response Smuggling
ASP.NET Kestrel has inconsistencies in HTTP parsing that allow an authenticated attacker to bypass network defenses via HTTP request/response smuggling.
🔥PoC from @gN3mes1s: gist.github.com/N3mes1s/d089…
Search by vul.cve Filter👉vul.cve="CVE-2025-55315"
ZoomEye Dork👉app="ASP.NET"
Over 46.3M instances detected.
ZoomEye Link: zoomeye.ai/searchResult?q=YX…
Refer:
1. turb0.one/pages/Abbreviated_…
2. msrc.microsoft.com/update-gu…
3. hub.zoomeye.ai/detail/68f6fc…
#ZoomEye #cybersecurity #infosec #OSINT
TarunBytes retweeted
Meesho clocked ₹30,000 crore of Sales in FY25 - this is approx. 30 lakh orders per day fulfilled by 5 lakh sellers!
They aim to raise ~₹6,500 crore in their upcoming IPO; and it is the first horizontal e-commerce platform to go public in India (Flipkart started 8 years prior btw!)
Meesho’s updated 667 page DRHP is a must read for anyone who follows E-Commerce in India
Here are my 5 key takeaways from the filings⤵️
TarunBytes retweeted
The schedule for #Pwn2Own Ireland is now live! 53 entries from 25 teams over three days of excitement and pwnage. We'll be updating the schedule with live streaming information as we get them set up. zerodayinitiative.com/blog/2… #P2OIreland
TarunBytes retweeted
🔴 Hackers are hiding malware inside blockchain smart contracts.
They’re pushing stealers like Atomic & Lumma from hacked WordPress sites — updating payloads without ever touching them.
Google found 14,000+ infected pages.
Details here → thehackernews.com/2025/10/ha…
TarunBytes retweeted
⚙️ If you run industrial gear — check your Red Lion RTUs.
Two CVEs (both 10/10) let anyone pop root via one open port. Water, energy, transport — all at risk.
Patch ASAP. Details here → thehackernews.com/2025/10/tw…
TarunBytes retweeted
BREAKING NEWS 🌐
The Middle East’s largest sustainability and digital transformation leader @BeeahGroup has launched IDTrust with @HashgraphGroup.
@Hedera powered identity for enterprise, government and smart city services across the UAE.
genfinity.io/2025/10/16/beea…
I was part of SEZ Season 1 and as I wrote after it was truly world-class: top-notch organization, amazing speakers and tons of valuable insights.
Of course I can’t miss SEZ Season 2: first because it’s under the @afscott quality mark and second because SEZ flows smoothly into Breakpoint @SolanaConf
Register now. See you there.
TarunBytes retweeted
React vs Remix - Do we really want to move back to imperative re-renders?
As far as I remember, we already tried that
See, for example, this BackboneJS counter
