diff --git a/.github/workflows/checkmarx-one.yml b/.github/workflows/checkmarx-one.yml
index 5b4fed4e062..ed25bcfff78 100644
--- a/.github/workflows/checkmarx-one.yml
+++ b/.github/workflows/checkmarx-one.yml
@@ -38,7 +38,7 @@ jobs:
     steps:
       # This step checks out a copy of your repository.
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
+        uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index f3d2c3937a9..14e601c7117 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -60,7 +60,7 @@ jobs:
         # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
     steps:
     - name: Harden the runner (Audit all outbound calls)
-      uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
+      uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1
       with:
         egress-policy: audit
 
diff --git a/.github/workflows/defender-for-devops.yml b/.github/workflows/defender-for-devops.yml
index 65fe71bb568..b7a40ccd096 100644
--- a/.github/workflows/defender-for-devops.yml
+++ b/.github/workflows/defender-for-devops.yml
@@ -39,7 +39,7 @@ jobs:
 
     steps:
     - name: Harden the runner (Audit all outbound calls)
-      uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
+      uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1
       with:
         egress-policy: audit
 
diff --git a/.github/workflows/parse-ton-labels.yml b/.github/workflows/parse-ton-labels.yml
index dbc1c550f35..c58f376cd2a 100644
--- a/.github/workflows/parse-ton-labels.yml
+++ b/.github/workflows/parse-ton-labels.yml
@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
+        uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/rebuild-src.yml b/.github/workflows/rebuild-src.yml
index e304f4b576b..11f4306852a 100644
--- a/.github/workflows/rebuild-src.yml
+++ b/.github/workflows/rebuild-src.yml
@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
+        uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/test_src_valid.yml b/.github/workflows/test_src_valid.yml
index 819927e62fe..0077d3f28ab 100644
--- a/.github/workflows/test_src_valid.yml
+++ b/.github/workflows/test_src_valid.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
+        uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1
         with:
           egress-policy: audit