diff --git a/.github/workflows/omf_sec_checks.yml b/.github/workflows/omf_sec_checks.yml
index c627dc5..22066c0 100644
--- a/.github/workflows/omf_sec_checks.yml
+++ b/.github/workflows/omf_sec_checks.yml
@@ -40,7 +40,7 @@ jobs:
           persist-credentials: false
 
       - name: Run zizmor 🌈
-        uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2
+        uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3
         with:
           persona: pedantic
           advanced-security: false # Use GH PR Annotations instead of uploading SARIF results for better visibility in the PR
diff --git a/.github/workflows/overture-projection.yml b/.github/workflows/overture-projection.yml
index c325f63..e37b3ca 100644
--- a/.github/workflows/overture-projection.yml
+++ b/.github/workflows/overture-projection.yml
@@ -168,7 +168,7 @@ permissions:
 jobs:
   overture-projection:
     name: Overture PRojection
-    runs-on: ubuntu-slim
+    runs-on: ubuntu-latest
 
     # One active run per PR; cancel in-progress if a new commit is pushed.
     concurrency: