On this week's podcast we discuss a recent analysis on the risks of GitHub RepoJacking. After that, we dive in to the Barracuda 0-day that China-based threat actors are actively exploiting as well as a novel command and control distribution method for a separate China-based APT.