Lessons Learned from CISA’s Recent GitHub Leak

·Krebs on Security··

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a postmortem on a recent data leak in which a contractor published dozens of internal CISA credentials — including AWS Govcloud keys — in a public GitHub repository for almost six months before being notified by KrebsOnSecurity. Experts say the gaps identified in the agency’s initial response provide important lessons that all security teams should absorb. On May 15, 2026, the security firm GitGuardian asked for help in notif...

Read full article →

Related Articles

Google Chrome silently installs a 4 GB AI model on your device without consent
john-doe · Hacker News · 2mo ago
DNSSEC disruption affecting .de domains – Resolved
warpspin · Hacker News · 2mo ago
Security through obscurity is not bad
mobeigi · Hacker News · 2mo ago
US healthcare marketplaces shared citizenship and race data with ad tech giants
ZeidJ · Hacker News · 2mo ago
The text mode lie: why modern TUIs are a nightmare for accessibility
SpyCoder77 · Hacker News · 2mo ago