THREATNOIR
Subscribe
Back to Feed
PolicyMay 19, 2026

CISA Exposes Secrets, Credentials in 'Private' Repo

CISA's GitHub repo labeled 'Private-CISA' exposed secrets and credentials publicly since November 2025.

Read at source

Summary

The US Cybersecurity and Infrastructure Security Agency (CISA) inadvertently left a GitHub repository named 'Private-CISA' publicly accessible, exposing sensitive secrets and credentials. The repository has been publicly available since November 2025, highlighting a significant operational security lapse by a federal cybersecurity agency.

Entities

CISA (Cybersecurity and Infrastructure Security Agency) (vendor)GitHub (technology)