GitHub's CI/CD platform, GitHub Actions, has recently become a target for a sophisticated attack vector, posing threats to both open-source projects and internal repositories.