CISA Left Its Passwords in a Public GitHub Repo Called 'Private-CISA'

CISA, the US cybersecurity agency, had a trove of sensitive credentials — including plaintext passwords, SSH private keys, and tokens — exposed in a public GitHub repository called "Private-CISA" since at least November 2025, with GitHub's default secret-protection features deliberately disabled. Security testing confirmed the leaked credentials provided high-privilege access to multiple AWS GovCloud accounts, and the repo appears to have been managed by CISA contractor Nightwing. The incident marks yet another security embarrassment for CISA, following a separate January 2026 incident in which the acting director uploaded sensitive government documents to ChatGPT.

20 May 2026