1 link tagged with all of: github-actions + open-source + ci-cd + vulnerabilities
Links
Sysdig's Threat Research Team uncovered significant security vulnerabilities in GitHub Actions workflows across popular open source projects, including those by MITRE and Splunk. Their research revealed how insecure configurations, particularly use of the pull_request_target trigger, can expose sensitive credentials and allow for exploitation, prompting the team to recommend best practices to enhance CI/CD security.