GitHub is moving to strengthen software supply chain security
by updating "actions/checkout" to block pwn request attacks that
exploit the risky use of the "pull_request_target workflow" trigger
to run malicious code with the workflow's full privileges.
Effective June 18, 2026, the latest version of "actions/checkout,"
the official GitHub action for checking out a repository into
the
Read more https://thehackernews.com/2026/06/github-updates-actionscheckout-to-block.html
