A CISA contractor maintained a public GitHub repository called 'Private-CISA' that exposed highly privileged AWS GovCloud credentials, plaintext passwords for dozens of internal CISA systems, cloud tokens, and internal build/deployment details. The repository had been active since November 2025 and was apparently used to sync files between work and home computers. Security researchers from GitGuardian and Seralys discovered and validated the exposed credentials, confirming they granted high-privilege access to three AWS GovCloud accounts. The contractor had also disabled GitHub's built-in secret detection feature. The repository was taken offline after CISA was notified, but the exposed AWS keys remained valid for another 48 hours. CISA says it found no evidence of compromise but is investigating.

From krebsonsecurity.com