Have the same problem.
App Service have private endpoint enabled. ACR tries to send webhook but gets HTTP 403.
On webhook details, on action details, it's possible to see that ACR is trying to connect to app service via public IP.
x-ms-forbidden-ip shows which IP app service is seeing.
Both acr and app service have private endpoints on (differente) spoke subscriptions, interconnected via hub.
Private DNS is at hub.