GitGuardian

CISA left a public GitHub repository exposed for six months, revealing passwords, keys and tokens in production infrastructure files. GitGuardian found the leak on May 14 and the agency removed the repo the next day.