Okay, this one's a bit weird. Apparently A hacker is wiping Git repositories and asking for a ransom (of 0.1 Bitcoin). Apparently it was done by scanning the entire web for /.git/config files and mining those for credentials (including access tokens and URLs of the form http://user.password@victim.com. The hacker "replaced" the contents of the repository with a ransom demand.

The perpetrator is apparently hoping that anyone stupid enough to leave their git repo accessible through the web (I admit -- I used to do that) and to put login credentials in it (no, I'm not that stupid -- that's one of the things everyone is warned about multiple times, just in case it wasn't obvious), is probably stupid enough to pay the ransom instead of simply restoring their repo from any clone of it and changing their password.

And of course it turns out that the entire repo is still there after the attack -- the perpetrator is apparently just adding a commit and pointing HEAD at it. this post on StackExchange explains how to recover.

It's even easier, though, if you've actually been using the repo, because then you'll have a clone of it somewhere and all you have to do is

  cd clone
  git push --force origin HEAD:master

There's still the perp's threat to release your code if you don't pay. If your code is in a public repo on GitHub, GitLab, or BitBucket -- who cares? If it's in a private repo, you may have a problem, provided you (1) think it's likely that this threat can be carried out (there is reason to believe that your code hasn't actually be stashed away anywhere) and (2) you think that whatever secrets may have been in your private repo are worth more than about $570.

You can see by looking at Bitcoin Address 1ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA that, so far (4pm today) nobody has paid up.