Skip to content
Close Menu

    Subscribe to Updates

    Get the latest news from tastytech.

    What's Hot

    xFusion scales enterprise AI from edge workstations to liquid-cooled data centres

    July 5, 2026

    Finding VM File Locks on ESXi: A Production-Safe Runbook Before You Kill Processes

    July 5, 2026

    AirPods Max 2 vs Sony WH-1000XM6: which is king of the noise cancelling headphones game?

    July 5, 2026
    Facebook X (Twitter) Instagram
    Facebook X (Twitter) Instagram
    tastytech.intastytech.in
    Subscribe
    • AI News & Trends
    • Tech News
    • AI Tools
    • Business & Startups
    • Guides & Tutorials
    • Tech Reviews
    • Automobiles
    • Gaming
    • movies
    tastytech.intastytech.in
    Home»Tech Reviews»Secret CISA credentials found in public GitHub repo
    Secret CISA credentials found in public GitHub repo
    Tech Reviews

    Secret CISA credentials found in public GitHub repo

    gvfx00@gmail.comBy gvfx00@gmail.comMay 20, 2026No Comments2 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email



    Security researcher Brian Krebs brings us the news that America’s Cybersecurity & Infrastructure Agency (CISA) has had a large store of plaintext passwords, SSH private keys, tokens, and “other sensitive CISA assets” exposed in a public GitHub repo since at least November 2025.

    The now-offline public repo—named, somewhat aspirationally, “Private-CISA”—was brought to Krebs’ attention by GitGuardian’s Guillaume Valadon, who was alerted to the repo’s presence by GitGuardian’s public code scans. Krebs says that Valadon approached him after receiving no responses from the Private-CISA repo’s owner.

    In an email to Krebs, Valadon claimed that the repo’s commit logs show that GitHub’s default protections against committing secrets—protections designed to protect unwitting or unskilled developers against exactly this kind of stupidness—had been disabled by the repo’s administrator.

    Testing by Seralys founder Philippe Caturegli showed that this was not a joke or hoax and that he was able to use the credentials in the Private-CISA repo to gain access to multiple Amazon Web Services GovCloud accounts “at a high privilege level.”

    Krebs notes that the repo appeared to be managed by Virginia-based Nightwing, a CISA contractor. Nightwing has so far not commented publicly, instead referring questions back to CISA.

    This isn’t the first time CISA has screwed up—in fact, it’s not even the first time this year. In January, polygraph-failing acting CISA Director Madhu Gottumukkala uploaded sensitive government documents to ChatGPT after demanding and receiving an exemption to the agency policy that prohibited ChatGPT’s use by CISA personnel. Gottumukkala was removed from his role in February.

    Table of Contents

    Toggle
      • Related posts:
    • Razer's new Blade 16 has Intel's latest chips and ultra-fast RAM
    • The epic Mac mini M4 is just $499 today at Best Buy - quite possibly the best value machine you'll e...
    • DuckDuckGo's Popular 'No AI' Search Engine Is Now Easier to Access

    Related posts:

    Protect your holiday season with big ESET discount – 30% discounts across Essential, Premium, and Ul...

    Get this speedy Crucial X9 2TB Portable SSD for £105.99 at Amazon

    Disney has accused Google of copyright infringement on a 'massive scale'

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleStar Wars Jedi Veteran's Dungeons & Dragons Game Has Been Canceled
    Next Article Automating Browsers with Local AI Agents
    gvfx00@gmail.com
    • Website

    Related Posts

    Tech Reviews

    AirPods Max 2 vs Sony WH-1000XM6: which is king of the noise cancelling headphones game?

    July 5, 2026
    Tech Reviews

    Windows and Linux users: The deadline to update Secure Boot keys is near

    July 5, 2026
    Tech Reviews

    Tesla Expands Robotaxi Service To Small Section Of Miami

    July 4, 2026
    Add A Comment
    Leave A Reply Cancel Reply

    Top Posts

    Black Swans in Artificial Intelligence — Dan Rose AI

    October 2, 2025206 Views

    Every Clue That Tony Stark Was Always Doctor Doom

    October 20, 2025129 Views

    We let ChatGPT judge impossible superhero debates — here’s how it ruled

    December 31, 2025100 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram

    Subscribe to Updates

    Get the latest tech news from tastytech.

    About Us
    About Us

    TastyTech.in brings you the latest AI, tech news, cybersecurity tips, and gadget insights all in one place. Stay informed, stay secure, and stay ahead with us!

    Most Popular

    Black Swans in Artificial Intelligence — Dan Rose AI

    October 2, 2025206 Views

    Every Clue That Tony Stark Was Always Doctor Doom

    October 20, 2025129 Views

    We let ChatGPT judge impossible superhero debates — here’s how it ruled

    December 31, 2025100 Views

    Subscribe to Updates

    Get the latest news from tastytech.

    Facebook X (Twitter) Instagram Pinterest
    • Homepage
    • About Us
    • Contact Us
    • Privacy Policy
    © 2026 TastyTech. Designed by TastyTech.

    Type above and press Enter to search. Press Esc to cancel.

    Ad Blocker Enabled!
    Ad Blocker Enabled!
    Our website is made possible by displaying online advertisements to our visitors. Please support us by disabling your Ad Blocker.