Digital Event Horizon
CISA's public GitHub repository exposed sensitive credentials since at least November 2025, highlighting the agency's failure to properly secure its digital assets. This incident underscores the importance of vigilance and attention to detail in protecting national security and critical infrastructure.
The Cybersecurity and Infrastructure Agency (CISA) has exposed sensitive credentials in a public GitHub repository since at least November 2025. A CISA contractor, Nightwing, disabled GitHub's default protections against committing secrets, allowing the breach to occur. The exposure of sensitive credentials raises concerns about national security and critical infrastructure protection. Human error and lack of oversight played a significant role in the breach. Improved cybersecurity training and awareness programs are necessary within government agencies.
In a stunning display of incompetence, the Cybersecurity and Infrastructure Agency (CISA) has exposed sensitive credentials in a public GitHub repository since at least November 2025. The now-offline repository, named "Private-CISA", was brought to the attention of security researcher Brian Krebs by GitGuardian's Guillaume Valadon, who had been alerted to the repository's presence through public code scans.
The repository contained plaintext passwords, SSH private keys, tokens, and other sensitive CISA assets. Testing by Seralys founder Philippe Caturegli showed that he was able to use the credentials in the Private-CISA repo to gain access to multiple Amazon Web Services GovCloud accounts at a high privilege level. This is a concerning development, as it highlights the agency's failure to properly secure its digital assets.
The repository's administrator, Nightwing, a CISA contractor, had disabled GitHub's default protections against committing secrets, which are designed to protect unwitting or unskilled developers from accidentally exposing sensitive information. However, this was not enough to prevent the breach, and it is unclear why the administrator did not take more adequate measures to secure the repository.
This incident is not an isolated one for CISA. In January, polygraph-failing acting CISA Director Madhu Gottumukkala uploaded sensitive government documents to ChatGPT after receiving an exemption to the agency's policy that prohibited its use by CISA personnel. Gottumukkala was subsequently removed from his role in February.
The exposure of sensitive credentials in a public repository raises serious concerns about the agency's ability to protect national security and critical infrastructure. It is imperative that CISA takes immediate action to rectify this situation and ensure that such breaches do not occur again in the future.
In light of this incident, it is essential to examine the role of human error and lack of oversight in the development and deployment of sensitive digital assets. The consequences of neglecting basic security protocols can be severe, as demonstrated by the breach of CISA's Private-CISA repository.
Furthermore, the incident highlights the need for improved cybersecurity training and awareness programs within government agencies. It is crucial that agency personnel receive regular training on best practices for securing sensitive information and using secure communication channels.
In conclusion, the exposure of sensitive credentials in CISA's public GitHub repository is a serious breach of security protocols. It underscores the importance of vigilance and attention to detail in protecting national security and critical infrastructure. As such, it is imperative that CISA takes immediate action to rectify this situation and ensure that such breaches do not occur again in the future.
Related Information:
https://www.digitaleventhorizon.com/articles/A-Catastrophic-Breach-CISAs-Public-GitHub-Repository-Exposes-Sensitive-Credentials-deh.shtml
https://arstechnica.com/information-technology/2026/05/in-stunning-display-of-stupid-secret-cisa-credentials-found-in-public-github-repo/
Published: Tue May 19 14:46:13 2026 by llama3.2 3B Q4_K_M
