> TritonInfoSec News
Home / May 24, 2026 / Story
0
#8 Schneier on Security threat-intel May 22, 2026 at 13:58 UTC

CISA Security Leak

By Bruce Schneier

AI Summary

A CISA contractor inadvertently exposed credentials to multiple highly privileged AWS GovCloud accounts and numerous internal CISA systems via a public GitHub repository, in what security experts are calling one of the most egregious government data leaks in recent history. The repository also contained detailed documentation on how CISA internally builds, tests, and deploys software. The repository was taken down as of last weekend, but the exposure window and full blast radius remain under investigation.

Read full article → https://www.schneier.com/blog/archives/2026/05/cis…

Relevance score: 79.0/100

# More from May 24

  1. 1
    LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root The Hacker News
  2. 2
    Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV The Hacker News
  3. 3
    A hacker group is poisoning open source code at an unprecedented scale Ars Technica Security
  4. 4
    Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack SecurityWeek
  5. 5
    ‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested SecurityWeek
  6. 6
    US and Canada arrest and charge suspected Kimwolf botnet admin BleepingComputer
  7. 7
    CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV The Hacker News
  8. 9
    FBI warns about fast-growing phishing kit targeting Microsoft 365 users CyberScoop
  9. 10
    China's Webworm Uses Discord, Microsoft Graphs to Hack EU Govts. Dark Reading