Cisa news

A CISA contractor exposed highly sensitive credentials on a public GitHub repository. The leak included access keys to AWS GovCloud accounts and internal CISA systems, along with details on the agency's internal software development and deployment processes, marking a significant government data breach.

The US Cybersecurity and Infrastructure Agency (CISA) accidentally exposed sensitive credentials, including plaintext passwords and SSH keys, in a public GitHub repository. The repository, discovered by security firm GitGuardian, was accessible for an extended period before being taken offline after a security researcher reported the issue.

The US cybersecurity agency has updated its Known Exploited Vulnerabilities (KEV) catalog with seven new entries, including flaws in Microsoft Windows, Defender, and Adobe Acrobat. The additions signal that these vulnerabilities are being actively used by attackers, requiring urgent attention from IT and security teams.

A contractor's public GitHub repository accidentally exposed sensitive credentials. The leak included access keys for US government AWS accounts and internal systems for the Cybersecurity and Infrastructure Security Agency (CISA). A researcher from GitGuardian discovered the exposure, which was then reported by security journalist Brian Krebs.

A government contractor's public GitHub repository accidentally exposed credentials for US government AWS accounts and internal CISA systems. The leak, discovered by a security researcher, included sensitive access keys found within the repository's commit history and developer notes, highlighting significant security risks.

A CISA contractor exposed highly privileged AWS GovCloud credentials and internal system details in a public GitHub repository. Security experts call it a major government data leak, revealing sensitive information about how the agency builds, tests, and deploys its internal software systems, posing a significant security risk.