Sysdig exposed how a trusted GitHub feature can silently hand control to attackers pull_request_target isn’t just risky, it’s a loaded weapon in the wrong hands Even top-tier security projects like ...