How a Single git checkout Almost Got Us — And What Stopped It
A routine contact-form lead turned into a 5-day social-engineering attack that used git checkout itself — via a malicious post-checkout hook — to trigger a fileless malware chain. Here's the full technical breakdown.