GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns

GitHub updated its "actions/checkout" tool on June 18, 2026, to prevent pwn request attacks. These attacks exploit the "pull_request_target workflow" trigger, allowing malicious code to execute with the workflow's elevated privileges. The update specifically targets and blocks these attack patterns, enhancing the security of the software supply chain for users of GitHub Actions. This proactive measure aims to safeguard repositories from unauthorized code execution and potential compromise through compromised pull requests. Developers utilizing GitHub Actions should ensure they are on the latest version of "actions/checkout" to benefit from these enhanced security protections.