First off - as far as I can tell, this does not affect bitcoin unless:
A) There are still TSS wallets in use that were generated when bitcoin was on ECDSA that B) have malicious participants that know how to take advantage of this yet-to-be-disclosed cryptographic vulnerability
That being said, this is probably the closest bitcoin has ever been to a legitimate, hackable vulnerability that could have resulted in real loss of funds.
Here's what I'm talking about: https://blog.verichains.io/p/verichains-discovers-critical-key
To break this down:
TSS (Threshold Signature Scheme) is a cryptographic protocol that's been around for a few decades, used for generated a multiple-participant private key. In order to sign a message (or, in the context of cryptocurrency, a transaction), you need t of n participants to sign (for example, 2 of 3, 3 of 5, etc). The protocol essentially constructs a private-public key pair (aka, a wallet) from scratch. BNY Mellon, Revolut, ING, Binance, Fireblocks, Coinbase, etc have been using this protocol for various cryptocurrencies.
"... nearly all threshold ECDSA based TSS implementations . . . are vulnerable to key extraction attacks despite having undergone multiple security audits."
Luckily, Bitcoin switched from ECDSA to Schnorr a few years ago, so unless I'm mistaken, MPC protocols for bitcoin don't have this problem. But it could have been a problem if it weren't for BIP 340.
A few of things to note:
While most bitcoin users would not have been affected by this even if we were still on ECDSA, this could have been a major problem for exchanges and other large bitcoin companies, as they are typically the ones to use an MPC
MPC protocols shouldn't be confused with multisig - multisig is relatively user-friendly, doesn't involve fancy cryptography, and essentially strings together individual wallets via a set of rules rather than building one from scratch
If bitcoin was still on ECDSA, the problem with TSS wouldn't technically be a problem with bitcoin or anything in the bitcoin code - it's a separate, manual, and apparently insecure method for constructing a key pair. That being said, it could have resulted in stolen bitcoin.
Self-custody via cold wallets, people.
Even though this doesn't affect bitcoin, MPC's can be dangerous simply because they have to be manually written into code, and a slightly incorrect implementation could mean game over.