I have read that if the random nonce k used for the ECDSA signature is not chosen at random then someone can calculate the private key.
- If the k is random but reused, it will leak your private key if you create more than one signature using it (that includes message signing, creating and signing more than one transaction that includes address reuse).
- If the k is not random (is weak), it will leak your private key on first use. It doesn't take reuse in this case to leak the key.
Such a problem never existed in bitcoin core though. And these days all popular wallets including core use RFC6979 to deterministically derive the ephemeral key (k) for signing that eliminates that issue altogether.