CISA Leaks Secret Credentials in a Public Github Repo
Key takeaways: A contractor exposed sensitive internal CISA data, including credentials and infrastructure code, on a public GitHub repository, and the incident was brought to light by an…
Read the full articleYou might also wanna read
CISA Contractor Exposed AWS GovCloud Credentials on Public GitHub Repository
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository th
CISA Contractor Exposed AWS GovCloud Credentials on Public GitHub Repository
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository th
CISA Exposed Its Own Cloud Storage Credentials in Plain Text on Public GitHub Repository
Passwords were stored as plain text in a public GitHub repository.
CISA Contractor Leaks AWS GovCloud Keys and Agency Secrets on Public GitHub; Lawmakers Demand Answers
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOn
Untitled
CISA has released a set of lessons learned from a cyber incident first reported by KrebsOnSecurity on May 18 wherein dozens of CISA internal
Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Data
A public issue can trick GitHub Agentic Workflows into leaking the contents of an organization's private repositories, researchers at Noma S

Guest Post: How I Scanned all of GitHub’s “Oops Commits” for Leaked Secrets ◆ Truffle Security Co.
GitHub Archive logs every public commit, even the ones developers try to delete. Force pushes often cover up mistakes like leaked credential
trufflesecurity.com·1y ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.