Hackers have stolen tens of thousands of cloud account credentials, by abusing exposed Git configuration files, experts have claimed.
Git configuration files are where Git saves different preferences and settings, such as names, email, or which files to ignore. They help Git know how to behave for different projects and can be set up globally (for all projects) or just for specific ones. Sometimes, developers will include valuable secrets in private repositories, since it’s faster, and more convenient. It generally isn’t a problem, as long as the repositories are properly secured.
