Well, first off, a lot of viruses use it since getfenv essentially holds all global functions. If you do something like setfenv().require, or use each letter of require’s character code (essentially it allows you to do something like
which makes it hard to read), it returns the actual require function. I guess you knew that already. Essentially getfenv is Luau’s version of _G. In vanilla Lua, _G holds all global functions. _G._G is equal to _G in vanilla Lua whereas getfenv().getfenv is equal to getfenv in Luau.
I think the most common case is sandboxing. If you’re using loadstring and have a predefined environment, it disallows the code that is run to access these globals.
local fenv = getfenv(1)
fenv.require = function()
error('Can\'t access require!')
require() --> errors with "Can't access require!"
So aside from sandboxing and viruses, I’m not sure that there is much else since you can overwrite Lua globals without the need of environment manipulation.