diff --git a/.github/workflows/checks.yaml b/.github/workflows/checks.yaml
index da4b983d8..8cbd4675e 100644
--- a/.github/workflows/checks.yaml
+++ b/.github/workflows/checks.yaml
@@ -35,7 +35,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
+        uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
         with:
           egress-policy: audit
           disable-telemetry: true
@@ -82,7 +82,7 @@ jobs:
       # Disabled until we figure out the "Could not resolve host: github.com" in
       # acceptance tests
       # - name: Harden Runner
-      #   uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
+      #   uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
       #   with:
       #     egress-policy: audit
       #     disable-telemetry: true
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
index 2370f4a6f..a784af2ac 100644
--- a/.github/workflows/codeql.yaml
+++ b/.github/workflows/codeql.yaml
@@ -47,7 +47,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
+        uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
         with:
           egress-policy: audit
           disable-telemetry: true
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
index e32462169..624923812 100644
--- a/.github/workflows/lint.yaml
+++ b/.github/workflows/lint.yaml
@@ -39,7 +39,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
+        uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
         with:
           egress-policy: audit
           disable-telemetry: true
diff --git a/.github/workflows/release-antora-extension.yaml b/.github/workflows/release-antora-extension.yaml
index 89bdb1781..4a7969a9b 100644
--- a/.github/workflows/release-antora-extension.yaml
+++ b/.github/workflows/release-antora-extension.yaml
@@ -43,7 +43,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
+        uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
         with:
           egress-policy: audit
           disable-telemetry: true
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index bc56b37da..d2ae08926 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -46,7 +46,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
+        uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
         with:
           egress-policy: audit
           disable-telemetry: true
diff --git a/.github/workflows/website.yaml b/.github/workflows/website.yaml
index e92464bed..f884376fb 100644
--- a/.github/workflows/website.yaml
+++ b/.github/workflows/website.yaml
@@ -38,7 +38,7 @@ jobs:
             REPOSITORY: enterprise-contract/enterprise-contract.github.io
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
+        uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
         with:
           egress-policy: audit
           disable-telemetry: true