Multiple critical security vulnerabilities were discovered in Git-related projects, allowing malicious repositories to leak user credentials through various exploit methods. The vulnerabilities affected major tools including GitHub Desktop, Git Credential Manager, Git LFS, and GitHub CLI, leading to implementations of new security measures.
https://flatt.tech/research/posts/clone2leak-your-git-credentials-belong-to-us/