Skip to content
The Nexus
DossierENTITY

GitGuardian

Coverage of GitGuardian in the Nexus archive.

Earliest in view: May 18 · 20:48 UTCMost recent: Jul 10 · 18:54 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJul 10 · 18:54 UTCCYBERSCOOP
    CISA looks to remedy ailments from big May credential leak

    CISA responded to a May 2023 credential leak by improving protections for sensitive materials, enhancing vulnerability reporting processes, and developing incident response plans. The leak, involving exposed Amazon AWS GovCloud keys on GitHub, led to no customer data exposure, and CISA implemented measures like endpoint monitoring and secret rotation. A security researcher praised CISA’s transparency in acknowledging both successful and flawed aspects of its response.

  • SECURITYMay 19 · 23:28 UTCCYBERSCOOP
    CISA credential leak raises alarms, and Capitol Hill demands answers

    The Cybersecurity and Infrastructure Security Agency (CISA) is investigating a reported exposure of sensitive agency credential data on GitHub, which was discovered by security firm GitGuardian. Congressional Democrats are demanding answers from CISA about the incident. The exposure has raised concerns about potential abuse by malicious parties.

  • SECURITYMay 19 · 18:27 UTCARS TECHNICA
    In stunning display of stupid, secret CISA credentials found in public GitHub repo

    America's Cybersecurity & Infrastructure Agency (CISA) had a large store of sensitive assets exposed in a public GitHub repository since at least November 2025. The repository, named 'Private-CISA', contained plaintext passwords, SSH private keys, tokens, and other sensitive CISA assets. Security researcher Brian Krebs reported the incident after being approached by Guillaume Valadon from GitGuardian.

  • SECURITYMay 19 · 17:49 UTCTHE REGISTER
    America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames

    The US Cybersecurity and Infrastructure Security Agency (CISA) left a GitHub repository open with sensitive information, including passwords and keys, for six months. The leak was discovered by GitGuardian researcher Guillaume Valadon, who reported it to CISA, which then took down the repository. The incident is a significant security lapse for the agency.

  • SECURITYMay 18 · 20:48 UTCKREBS ON SECURITY
    CISA Admin Leaked AWS GovCloud Keys on Github

    A contractor for the Cybersecurity & Infrastructure Security Agency (CISA) exposed credentials to AWS GovCloud accounts and internal CISA systems on a public GitHub repository. The leak included files detailing how CISA builds, tests, and deploys software internally. The exposed credentials represent a significant government data leak.