All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter
First reported by BackBox.org
GitLost: GitHub’s AI Agent Tricked Into Leaking Private Repository Data

CISA Leaks Secret Credentials in a Public Github Repo

Key takeaways: A contractor exposed sensitive internal CISA data, including credentials and infrastructure code, on a public GitHub repository, and the incident was brought to light by an…

Read the full article
@ph00lt04h ago

You might also wanna read

CISA Contractor Exposed AWS GovCloud Credentials on Public GitHub Repository

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository th

krebsonsecurity.com·1mo ago

CISA Contractor Exposed AWS GovCloud Credentials on Public GitHub Repository

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository th

krebsonsecurity.com·1mo ago

CISA Exposed Its Own Cloud Storage Credentials in Plain Text on Public GitHub Repository

Passwords were stored as plain text in a public GitHub repository.

gizmodo.com·1mo ago

CISA Contractor Leaks AWS GovCloud Keys and Agency Secrets on Public GitHub; Lawmakers Demand Answers

Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOn

krebsonsecurity.com·1mo ago

Untitled

CISA has released a set of lessons learned from a cyber incident first reported by KrebsOnSecurity on May 18 wherein dozens of CISA internal

infosec.exchange·21h ago

Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Data

A public issue can trick GitHub Agentic Workflows into leaking the contents of an organization's private repositories, researchers at Noma S

thehackernews.com·3d ago

Guest Post: How I Scanned all of GitHub’s “Oops Commits” for Leaked Secrets ◆ Truffle Security Co.

GitHub Archive logs every public commit, even the ones developers try to delete. Force pushes often cover up mistakes like leaked credential

trufflesecurity.com·1y ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.