diff --git a/README.md b/README.md
index 1303af2..4c604a6 100644
--- a/README.md
+++ b/README.md
@@ -13,7 +13,7 @@ Add the following entry to your Github workflow YAML file:
 ```yaml
 uses: sigstore/cosign-installer@main
 with:
-  cosign-release: 'v1.2.0' # optional
+  cosign-release: 'v1.2.1' # optional
 ```
 
 Example using a pinned version:
@@ -40,7 +40,7 @@ jobs:
       - name: Install Cosign
         uses: sigstore/cosign-installer@main
         with:
-          cosign-release: 'v1.2.0'
+          cosign-release: 'v1.2.1'
       - name: Check install!
         run: cosign version
 ```
diff --git a/action.yml b/action.yml
index 6c70ad8..bceb486 100644
--- a/action.yml
+++ b/action.yml
@@ -9,7 +9,7 @@ inputs:
   cosign-release:
     description: 'Cosign release version to use in the actions.'
     required: false
-    default: 'v1.2.0'
+    default: 'v1.2.1'
 runs:
   using: "composite"
   steps:
@@ -20,8 +20,8 @@ runs:
         mkdir -p $HOME/.cosign
         pushd $HOME/.cosign
 
-        bootstrap_version='v1.2.0'
-        expected_bootstrap_version_digest='690e9d6220aa715b61e332a0efefb60f4f4889cb8c0d0195d28a406425d617f0'
+        bootstrap_version='v1.2.1'
+        expected_bootstrap_version_digest='490cb1941aa317cd24a0bd9f2fe38932805dbaaba0ae89c12ec8138d15bdd8a0'
         curl -L https://storage.googleapis.com/cosign-releases/${bootstrap_version}/cosign-linux-amd64 -o cosign
         shaBootstrap=$(sha256sum cosign | cut -d' ' -f1);
         if [[ $shaBootstrap != ${expected_bootstrap_version_digest} ]]; then exit 1; fi