I wonder, have there been any case studies on phishing/trojan type attacks by code (git changes) via email?