No keys attached: Exploring GitHub-to-AWS keyless authentication flaws | Datadog Security Labs
While popular, GitHub-to-AWS keyless authentication mechanisms can be insecurely configured.
securitylabs.datadoghq.com