Not using GitHub Actions? You’re also vulnerable. — TL;DR A newly discovered security flaw in GitHub allows leveraging GitHub Actions to bypass the required reviews mechanism and push unreviewed code to a protected branch, potentially allowing malicious code to be used by other users or flow down the pipeline to production. The risk of a compromised user account GitHub is the most popular source control management…