1. Sentry Python SDK GitHub Actions Workflow Carries Code Injection Vulnerability
Security researchers have identified a code injection weakness in the `.github/workflows/update-tox.yml` file of the `getsentry/sentry-python` repository, the official Sentry Python SDK. The vulnerability stems from GitHub Actions script injection, classified under the Semgrep rule `yaml.github-actions.security.github-...
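An added example, not taken from this page or from the `getsentry/sentry-python` repository: a minimal check for the general GitHub Actions script-injection pattern, in which a `${{ ... }}` expression is expanded into a `run:` or `script:` body before that body executes. The workflow in `SAMPLE` is constructed (it is not the contents of `update-tox.yml`), and treating everything under `github.event` and `github.head_ref` as untrusted is a conservative assumption.

```python
import re

# GitHub expands ${{ ... }} into the script text before the step runs.
EXPR = re.compile(r"\$\{\{\s*(.*?)\s*\}\}")
# Assumption (conservative): github.event.* and github.head_ref are untrusted.
UNTRUSTED = re.compile(r"\bgithub\.(?:event\.|head_ref\b)")
# Keys whose value is executed: shell steps and actions/github-script input.
CODE_KEY = re.compile(r"^\s*(?:-\s+)?(run|script):\s*(.*)$")

# Constructed sample workflow, NOT the contents of update-tox.yml.
SAMPLE = """\
on: issue_comment
jobs:
  demo:
    runs-on: ubuntu-latest
    steps:
      - name: weak
        run: |
          echo "Comment: ${{ github.event.comment.body }}"
      - name: hardened
        env:
          COMMENT: ${{ github.event.comment.body }}
        run: |
          echo "Comment: $COMMENT"
      - uses: actions/github-script@v7
        with:
          script: console.log("${{ github.event.issue.title }}")
"""


def find_injections(workflow_text):
    """Return (line_no, key, expression) for untrusted expressions in code."""
    findings, block = [], None  # block = (key, column of the key)
    for no, line in enumerate(workflow_text.splitlines(), 1):
        indent = len(line) - len(line.lstrip())
        if block and line.strip() and indent <= block[1]:
            block = None  # a dedent closes the block scalar
        key, code = (block[0], line) if block else (None, "")
        m = None if block else CODE_KEY.match(line)
        if m:
            key, code = m.group(1), m.group(2)
            if code[:1] in ("|", ">"):  # body follows on later lines
                block, code = (key, m.start(1)), ""
        for expr in EXPR.findall(code):
            if UNTRUSTED.search(expr):
                findings.append((no, key, expr))
    return findings
```

The hardened step is not reported because the expression is assigned to an `env:` value and the script reads it as `$COMMENT`, so the untrusted text never becomes part of the script source.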