{"id":218385,"date":"2026-05-21T19:43:00","date_gmt":"2026-05-21T23:43:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/21\/cisa-and-dhs-left-exposed-after-cybersecurity-threat\/"},"modified":"2026-05-22T00:20:11","modified_gmt":"2026-05-22T04:20:11","slug":"cisa-and-dhs-left-exposed-after-cybersecurity-threat","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/21\/cisa-and-dhs-left-exposed-after-cybersecurity-threat\/","title":{"rendered":"CISA and DHS Left Exposed After Cybersecurity Threat"},"content":{"rendered":"<p><a href=\"https:\/\/natlawreview.com\/article\/cisa-passwords-used-access-dhs-systems-exposed\">CISA and DHS Left Exposed After Cybersecurity Threat<\/a><\/p>\n<p><a href=\"https:\/\/natlawreview.com\/article\/cisa-passwords-used-access-dhs-systems-exposed\">https:\/\/natlawreview.com\/article\/cisa-passwords-used-access-dhs-systems-exposed<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-21 19:43:00<\/a><\/p>\n<p>Source Domain: <a href=\"natlawreview.com\">natlawreview.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. The Cybersecurity and Infrastructure Security Agency (CISA), which is part of the Department of Homeland Security, is responsible for cybersecurity and infrastructure security throughout the federal government, to improve cybersecurity protection against private and nation-state hackers.<br \/>\nCISA has been without a director since the beginning of President Trump\u2019s second term, when the then-director resigned. In addition, the Trump administration cut funding to the agency and, through the budget cuts, furloughs, and layoffs, the agency lost about one-third of its workforce. On top of that, in March 2025, Defense Secretary Pete Hegseth ordered U.S. Cyber Command to \u201chalt cyber-offense operations against Russia\u201d and \u201cordered the unit to stand down panning against Russian cybersecurity threats.\u201d<br \/>\nRussia has always been one of our top cyber adversaries and there is no indication that offensive planning has taken place in the past year.<br \/>\nWith the layoffs, budget cuts, furloughs, and resignations, CISA has been embattled in fulfilling its mission. The strain became abundantly clear recently when GitGuardian security researcher Guillaume Valadon found \u201creams of exposed plaintext credentials listed in spreadsheets, which had been made publicly accessible in a GitHub repository by an employee working for a CISA contractor.\u201d<br \/>\nThe researcher contacted security reporter Brian Krebs on May 15, 2026, who reported that the CISA contractor \u201cmaintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems\u201d which \u201cincluded files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.\u201d<br \/>\nThe repository was named \u201cPrivate-CISA\u201d and included \u201ca vast number of internal CISA\/DHS credentials and files, including cloud keys, tokens, plaintext passwords, logs and other sensitive CISA assets.\u201d<br \/>\nThe GitHub account has been taken offline. It was created in September 2018, and the Private-CISA repository was created in November 2025.<br \/>\nIt is unknown whether anyone, including a foreign adversary such as Russia, found, accessed or used the credentials. CISA has confirmed that it is aware of the reported exposure and is continuing to investigate the situation. The question is what other lapses will occur as a result of the agency\u2019s decimation.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA and DHS Left Exposed After Cybersecurity Threat https:\/\/natlawreview.com\/article\/cisa-passwords-used-access-dhs-systems-exposed Publish Date: 2026-05-21 19:43:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":218386,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/natlawreview.com\/sites\/default\/files\/styles\/article_image\/public\/2026-05\/password.computer.internet.cybersecurity.jpg.webp?itok=GMph_wXn","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24],"class_list":["post-218385","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/218385"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=218385"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/218385\/revisions"}],"predecessor-version":[{"id":218387,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/218385\/revisions\/218387"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/218386"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=218385"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=218385"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=218385"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}