diff --git a/.github/workflows/wheel.ad-rss-map-integration.yml b/.github/workflows/wheel.ad-rss-map-integration.yml
index 26c7556d7..af08b2a5e 100644
--- a/.github/workflows/wheel.ad-rss-map-integration.yml
+++ b/.github/workflows/wheel.ad-rss-map-integration.yml
@@ -38,7 +38,7 @@ jobs:
       id-token: write  # IMPORTANT: this permission is mandatory for trusted publishing
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/wheel.ad-rss.yml b/.github/workflows/wheel.ad-rss.yml
index e21f2873e..456711fc4 100644
--- a/.github/workflows/wheel.ad-rss.yml
+++ b/.github/workflows/wheel.ad-rss.yml
@@ -38,7 +38,7 @@ jobs:
       id-token: write  # IMPORTANT: this permission is mandatory for trusted publishing
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2
         with:
           egress-policy: audit