Skip to content
The Nexus
SECURITYMay 19 · 17:49 UTCTHE REGISTER

America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames

The US Cybersecurity and Infrastructure Security Agency (CISA) left a GitHub repository open with sensitive information, including passwords and keys, for six months. The leak was discovered by GitGuardian researcher Guillaume Valadon, who reported it to CISA, which then took down the repository. The incident is a significant security lapse for the agency.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this