Supply Chain Attacks Targeting GitHub Actions Increased in 2025

At this week’s Black Hat Europe conference, two researchers urged developers to adopt a shared responsibility model for open source software and not leave it all up to GitHub to handle.