This is the most immediate threat. Hackers do not sit at computers manually searching GitHub for passwords. They use automated scanners. These bots crawl the entirety of GitHub 24/7, looking for patterns.
Why does this happen? It usually boils down to a few common scenarios: passwordtxt github top
used for penetration testing and password strength estimation. 10k-most-common.txt - GitHub This is the most immediate threat
