Artifact Poisoning in GitHub Actions Imports Malware via Software Pipelines

A vulnerability discovered in GitHub Actions could allow an attacker to poison a developer's pipeline, highlighting the risk that insecure software pipelines pose.