ActiveState detailed a GitHub Actions attack pattern that often bypasses traditional CI security scanners. The analysis explains how these attack chains evade detection and how to better govern CI/CD pipelines.