In stunning display of stupid, secret CISA credentials found in public GitHub repo
Summary
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) had private passwords and security keys publicly exposed on a GitHub repository since at least November 2025. Security experts confirmed these credentials were real and could be used to access sensitive government cloud accounts.
Key Facts
- A public GitHub repository named "Private-CISA" contained CISA’s plaintext passwords, private keys, tokens, and other sensitive data.
- The repository was publicly exposed for at least seven months, from November 2025 until it was recently taken offline.
- GitGuardian alerted security researcher Brian Krebs about the repository after scanning public code for secrets.
- The repo’s administrator disabled GitHub’s usual protections that prevent accidentally publishing secret information.
- Tests showed the leaked credentials granted high-level access to Amazon Web Services GovCloud accounts.
- The repository appears to have been managed by Nightwing, a CISA contractor based in Virginia.
- CISA has not publicly responded, and Nightwing referred questions back to CISA.
- Earlier in 2026, CISA’s acting director was removed after sharing sensitive info on ChatGPT against agency rules.
This is a fact-based summary from The Actual News.