A contractor for CISA maintained a public GitHub repository that exposed credentials to privileged AWS GovCloud accounts and internal CISA systems, including sensitive software development and deployment details. The article does not provide a CVSS score, specific affected software versions, a fixed version, or a recommended workaround.
Home CISA Security Leak Crazy story : Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history. News article . Tags: cybersecurity , data breaches , keys , leaks Posted on May 22, 2026 at 9:58 AM • 0 Comments Subscribe to comments on this entry Leave a comment Cancel reply Blog moderation policy Login Name Email URL: Remember personal info? Fill in the blank: the name of this blog is Schneier on ___________ (required): Comments: Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/ Δ ← macOS Kernel Memory Corruption Exploit Sidebar photo of Bruce Schneier by Joe MacInnis. Powered by WordPress Hosted by Pressable