CISA contractor leaves AWS keys public on GitHub
A GitGuardian researcher found plaintext credentials, including AWS GovCloud keys, access tokens, and other sensitive files in a public GitHub repository maintained by an employee working for a CISA contractor. The incident was reported to KrebsOnSecurity, and while the exposed keys were reportedly valid when checked, it is not clear whether anyone besides the researcher accessed them or whether the agency has confirmed a downstream breach.
This looks less like a hack than a severe secrets-management failure for the agency responsible for federal cyber hygiene. The exposed material reportedly included highly privileged AWS GovCloud access and internal CISA/DHS credentials, and a researcher validated some of the keys before escalating the issue, which raises the risk well beyond a dead-secret cleanup. Even without confirmed misuse, the blast radius is large enough to treat it as a serious security incident.
Discovered: 2026-05-19
Published: 2026-05-19
Author: neogodless