Guillaume Valadon looked at his screen in Paris and saw the skeleton of the American security state sitting in a public folder. The security researcher found a GitHub repository named Private-CISA that had been left wide open for six months. Inside were spreadsheets containing plain-text passwords, private keys, and administrative tokens for AWS GovCloud accounts. One file was simply named AWS-Workspace-Firefox-Passwords.csv, according to report from Krebs on Security. This was not a sophisticated hack; it was a total administrative collapse by a contractor named Nightwing.

While the digital keys to the kingdom sat on the open web, the biological engine of the Department of Homeland Security is grinding to a halt. In Washington, 240,000 DHS employees have entered their second week without a paycheck. The federal government claims it has no money for the guards at the ports and borders. Yet, the same administration has found the liquidity to issue $36 billion in civil fines against migrants. According to federal officials, these fines target 65,000 people to recoup the costs of their own detention.

Todd Blanche, the acting attorney general, sat before Senate lawmakers on Tuesday to defend a different kind of spending. He was grilled over a new $1.8 billion anti-weaponization fund. Democrats call it a slush fund for political allies; Blanche told the committee the fund is unusual but not unprecedented. Per the New York Times, the deal also includes a provision barring the IRS from pursuing tax claims against the President’s family or businesses.

Read together, these moves describe a state that is liquidating its functional capacity—its staff and its data security—to bankroll the political defense of its masters. The thread linking these events, though stated in no filing, suggests the Hollow State has transitioned into a direct spoils system. The government cannot pay the man at the gate, and it cannot keep its passwords in a locked drawer, but it can find billions to compensate its friends for their legal fees.

CISA has confirmed it is investigating the exposure of the credentials. The agency, responsible for the cybersecurity of the entire civilian federal network, is now the primary victim of its own negligence. The material provided a detailed view of the federal cloud footprint, including internal service endpoints and secret-management paths. The data was accessible to anyone with an internet connection from November 2025 until mid-May 2026. The department that demands total surveillance of the public cannot even manage a basic password manager.