diff --git a/README.md b/README.md
index a0f855fd..497b85c3 100644
--- a/README.md
+++ b/README.md
@@ -45,7 +45,7 @@ Read this [case study](https://infosecwriteups.com/detecting-malware-packages-in
 
    ```yaml
    steps:
-     - uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v2.4.1
+     - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
        with:
          egress-policy: audit
    ```