DevSecOps
Technology
CISA contractor exposed AWS GovCloud root keys on public GitHub for six months
A Nightwing employee leaked administrative credentials to federal cybersecurity infrastructure, raising questions about secrets management practices as the agency operates at a third of its normal staffing.
AI
Technology
GitHub Copilot Vulnerability Enabled Repository Takeovers via Malicious Issues
RoguePilot flaw exposed how AI coding assistants can be weaponized through passive prompt injection, allowing attackers to steal credentials and hijack repositories without exploiting traditional vulnerabilities.