A new class of CI/CD workflow weakness enables attackers to use malicious pull requests to compromise software supply chains. Elad Meged, founding engineer and security researcher at ...