diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index ff71eadac..5129b7af3 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -110,7 +110,7 @@ jobs:
             ${{ steps.meta.outputs.labels }}
 
       - name: Sign ${{ matrix.config.name }} image and attach SBOM attestation
-        uses: adfinis/container-scanning-action@v0.2.8
+        uses: adfinis/container-scanning-action@v0.2.9
         with:
           image-ref: ghcr.io/${{ github.repository }}/${{ matrix.config.name }}
           token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/schedule.yaml b/.github/workflows/schedule.yaml
index cc4356317..fe0af0151 100644
--- a/.github/workflows/schedule.yaml
+++ b/.github/workflows/schedule.yaml
@@ -28,7 +28,7 @@ jobs:
       # needed for `cosign attest`
       id-token: write
     steps:
-      - uses: adfinis/container-scanning-action@v0.2.8
+      - uses: adfinis/container-scanning-action@v0.2.9
         with:
           image-ref: ghcr.io/${{ github.repository }}/${{ matrix.image }}
           attest: true