Joined September 2025
I have a blog now. chelsea486mhz.fr/blog

Chelsea486MHz, la Kubomancienne retweeted
A closer look at a BGP anomaly in Venezuela blog.cloudflare.com/bgp-rout…
There Were BGP Anomalies During The Venezuela Blackout loworbitsecurity.com/radar/r…
We created a sun that dies after 22 minutes 🤔
🚨: France just beat the world record for nuclear fusion! They ran for 22 minutes! It maintained an astonishing 90 million degrees Fahrenheit (50 million °C) for 1,337 seconds—more than 22 minutes.
Chelsea486MHz, la Kubomancienne retweeted
i end up reversing malware with my ex every couple months. we don’t plan it. it just… happens. 2am. both online. a new APT sample drops. They open the repo. or i do. neither of us acknowledges who pulled it first. the call is 90 percent silence. no “how’ve you been.” no “you seeing anyone?” just technical murmurs and disassembly. “figured out the priv esc.” “kernel module just unhooked itself.” “beautiful obfuscation.” that’s the whole conversation. here’s the thing though. our analysis chemistry is still perfect. They know when i’m about to dive into a code path before my cursor even hovers. i know their heuristics better than the last six reversers i’ve tried to sync with. we don’t communicate because we don’t need to. 2500 hours in IDA together doesn’t give a fuck about relationship status. we’ll unravel an APT loader chain in one night. maybe crack the C2 protocol too if we’re lucky. then it’s “sample done” and we vanish for another 2 months. no follow up. no “we should collab more.” nothing. because we both know what this is. it’s not friendship. it’s not rekindling. it’s not even nostalgia. it’s that neither of us has found better analytical synergy. and that’s the uncomfortable truth about APT reverse-engineering duos. you can end a relationship and still be stuck sharing a debugger window with someone who reads your mind in assembly. you can hate someone’s guts and still flawlessly unwind a four-stage dropper with them. you can move on emotionally and still be hardstuck trying to replace that one person whose brain clicked with yours in virtual machine bytecode. some people have exes they still sleep with. i have an ex i still reverse APT malware with. honestly not sure which is worse. study the UwU way.
Chelsea486MHz, la Kubomancienne retweeted
Ethical hacking is the most overrated ‘tech flex’ of this generation not because it’s useless, but because most people chasing it don’t actually want to secure anything. They just want the ‘hacker’ aesthetic. The truth is, 80% of real security problems aren’t solved by clever exploits… they’re solved by boring things like patching, logs, access control, policies, and people doing what they’re supposed to do. But nobody wants to hear that because it’s not flashy. Ethical hacking gets all the hype, but in real life, it’s the least impactful part of cybersecurity. The End 🌚
I know y’all will disagree with me but I’ll definitely say it 😌
Imagine being so incredibly cruel that you are the community manager for a Russian hacker group that hacked SCADA equipment in a Dutch water theme park to increase water chlorination and burn children chemically
no
Honestly, stop with the VPSes and self-host. At most, if you want something lightweight, get a mini PC
2010 NSA must have been one hell of a workplace
For some reason, I cannot get Claude Opus 4.5 to consider Unit 8200 a serious threat actor in *any* threat model. Weird, eh? 🤔
Chelsea486MHz, la Kubomancienne retweeted
5 Dec 2025
⚠️ React Server Components vulnerability: @CERT_FR has published a security alert about the vulnerability CVE-2025-55182 affecting React Server Components. ➡ Information and recommendations on the CERT-FR website: cert.ssi.gouv.fr/alerte/CERT…
Another W for DevSecOps
Cybersecurity roles from most to least technical:
- 0day researcher
- exploit dev
- reverse engineer
- malware dev
- appsec & devsecops
- red teamer
- DFIR
- SOC analyst
- compliance
- third party risk management
- web app pentester
- Amish farmer
- CISO
- newborn baby
- any cybersecurity Twitter account with over 5k followers
Chelsea486MHz, la Kubomancienne retweeted
- $15 billion dollar company
- ships entire browser with their application cause "native GUI too hard bro"
- javascript so devs don't have to reason about memory
- leaks memory anyway
- "let's just restart the application when we go above 4 GB"
this is a new rock bottom
🧹 Discord is finally "fixing" memory leaks! /s The client is testing a feature that monitors its own RAM usage and performs an intentional restart to clear resources if it reaches 4 GB while you're AFK. No restarts occur if you're currently in a call.
Chelsea486MHz, la Kubomancienne retweeted
4 Dec 2025
A POC for CVE-2025-55182 gist.github.com/maple3142/48…
Chelsea486MHz, la Kubomancienne retweeted
Since I started to analyze CVE-2025-55182 (React, NextJS RCE) at work today, I decided to publish my analysis findings so far, given all the fuss about the vulnerability: github.com/msanft/CVE-2025-5… Feel free to contribute to the search for a proper RCE sink!
Chelsea486MHz, la Kubomancienne retweeted
Dealing with bug bounty reports for CVE-2025-66478 at the program that I manage in high numbers without actual POC is amusing. Congrats, you managed to identify our apps running on Next.js, here is your $15k.
Chelsea486MHz, la Kubomancienne retweeted
4 Dec 2025
Our Security Research team at @SLCyberSec just published a high-fidelity detection mechanism for the Next.js/RSC RCE (CVE-2025-55182 & CVE-2025-66478) - slcyber.io/research-center/h…. There are a lot of PoCs on GitHub that are adding noise to the problem; I hope this helps people!
#React2Shell POC went public minutes ago -> github.com/ejpir/CVE-2025-55… #CVE CVE-2025-55182
Chelsea486MHz, la Kubomancienne retweeted
3 Dec 2025
xchat private key retrieval and decryption