credential exposure
10 posts
Contractor PAT leaked 270GB of Times source
The 2024 NYT source code leak was not a credential breach. It was a credential sprawl chain. The mechanism, telemetry gaps, and what still applies.
CISA administrator published GovCloud keys to GitHub
A CISA administrator's publication of AWS GovCloud keys to public GitHub exposes the gap between cloud segregation policy and runtime control.
CISA pushed passwords to a public repo
A top cyberdefense agency published credentials in a public GitHub repository. A control analysis of what failed and what must now be true.
The breach isn't the leak. It's the leaker.
A board-level reading of a U.S. cybersecurity agency credential exposure on GitHub, framed as runtime control failure and institutional risk.
CISA contractor leaked GovCloud keys to GitHub
Technical analysis of a CISA contractor's leaked AWS GovCloud admin keys on GitHub - blast radius, IAM persistence paths, CloudTrail detections, supply-chain tail.
Contractor pushed the boundary keys
A CISA contractor pushed AWS GovCloud admin keys to a public GitHub repo. The credential format, not the contractor, is the failed control.
The agency was the breach.
A US cybersecurity agency published digital keys to a public GitHub repository. The exposure defines the failure class. Recovery requires rotation.
The malware leaked itself, not the defenders.
Needle cryptostealer shipped with a plaintext API key in the Rust binary. One string exposed 1932 victims and the withdrawal config.
The dashboard pushed every critical CVE to GitHub
Technical analysis of a unified vulnerability dashboard pushed to a public GitHub repo, the scanner token blast radius, and what defenders actually see.
Your password manager was the attacker
The Bitwarden CLI compromise inside the Checkmarx supply chain campaign is an identity and access incident. Treat the affected window as untrusted.