diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 29ff72d..8ab3781 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -37,7 +37,7 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
+        uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
         with:
           results_file: results.sarif
           results_format: sarif
diff --git a/news/20250224073135.bugfix b/news/20250224073135.bugfix
new file mode 100644
index 0000000..353372a
--- /dev/null
+++ b/news/20250224073135.bugfix
@@ -0,0 +1 @@
+Dependency upgrade: scorecard-action-2.4.1