I wonder what in external secret repo creds.yaml and AWS Workspace Firefox Passwords.csv? The US Cybersecurity and Infrastructure Security Agency CISA left open a GitHub repository named “Private CISA” containing plain text passwords, private keys, tokens, and secrets – with obvious file names like “external secret repo creds.yaml” and “AWS Workspace Firefox Passwords.csv” – for six months. GitGuardian researcher Guillaume Valadon, fresh off a recent talk on Kubernetes secret leaks, found the...

Read the full article at The Register

In stunning display of stupid, secret CISA credentials found in public GitHub repo

Found 8 hours ago at Arstechnica

---

America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames

Found 8 hours ago at The Register

---

Airbus gets HPC-as-a-service supercomputer from Bull

Found 11 hours ago at The Register

---

Broadcom finds a VMware customer willing to stick around: London Stock Exchange

Found 13 hours ago at The Register

---

Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise

Found 13 hours ago at The Register

---