The agency's GitHub repository, publicly available since November 2025, was ironically named "Private-CISA."

Credenziali GovCloud e password in chiaro: il caso CISA mostra i rischi colossali dei segreti esposti su GitHub.

The federal cybersecurity agency left plaintext passwords in a spreadsheet uploaded to a public GitHub repository, per a report by independent journalist Brian Krebs.

CISA left plaintext passwords and AWS GovCloud admin keys in a public GitHub repo for six months. GitGuardian discovered the 844 MB exposure on May 14, 2026.

I wonder what's in 'external-secret-repo-creds.yaml' and 'AWS-Workspace-Firefox-Passwords.csv'?

I wonder what's in 'external-secret-repo-creds.yaml' and 'AWS-Workspace-Firefox-Passwords.csv'?

SSH keys, plaintext passwords, other sensitive data had been up since November 2025.

The agency's GitHub repository, publicly available since November 2025, was ironically named "Private-CISA."

On May 14, 2026, GitGuardian found what looked like leaked CISA secrets in a public GitHub repository...

Crazy story: Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to…