The only security incident I've had in my career was due to Git Butler - it committed temporary files into GitHub without me explicitly approving it! Of course, it was a private repository, but still, it became impossible to delete those secrets because there were plenty of commits afterward. Given the large file tree and many updated files in the commit, it wasn't apparent that those folders got sneaked into the commit.

So, I really hope security incidents don't come after Git!