1
CISA Security Leak
CISA承包商在GitHub上意外暴露多个高权限AWS GovCloud账户凭证,安全专家揭露开源仓库风险。
Crazy story : Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repo…
2
US cyber agency CISA exposed reams of passwords and cloud keys to the open web
安全研究员发现CISA承包商员工竟在GitHub上公开了明文凭证,包括云密钥和访问令牌,差点引发重大数据泄露。
The federal cybersecurity agency left plaintext passwords in a spreadsheet uploaded to a public GitHub repository, per a report by independent journal…
3
In stunning display of stupid, secret CISA credentials found in public GitHub repo
CISA大量明文密码、SSH密钥等敏感凭证在GitHub公共仓库中暴露数月,安全失误令人震惊。
SSH keys, plaintext passwords, other sensitive data had been up since November 2025.
4
s1ngularity: supply chain attack in Nx packages
Nx包遭供应链攻击窃取开发者凭证,Vercel默认安全,请立即自查受影响环境。
Threat actors published modified versions of the Nx package and some of its supporting libraries to the npm registry with the goal of exfiltrating dev…