Security researchers from Palo Alto Networks have uncovered a vulnerability in GitHub Actions, known as ArtiPACKED, which poses significant risks to open-source projects. This vulnerability allows attackers to exploit a race condition in GitHub Actions artifacts, potentially exposing critical credentials and injecting malicious code. The issue affects major projects hosted on platforms like Google, Microsoft, and AWS. The discovery highlights the need for enhanced security measures in managing GitHub Actions workflows to protect sensitive information and prevent unauthorized access.