YellowKey, CVE Enrichment, Chipmaker Breach - BTS #74 episode artwork

EPISODE · May 19, 2026 · 54 MIN

YellowKey, CVE Enrichment, Chipmaker Breach - BTS #74

from Below the Surface (Audio) - The Supply Chain Security Podcast · host Paul Asadoorian

In this episode, we explore recent vulnerabilities, the YellowKey BitLocker bypass, supply chain security, CVE data analysis, and the implications of hardware breaches like the one at Foxconn. We also delve into AI's role in vulnerability research and the evolving landscape of cybersecurity threats. Topics https://www.nist.gov/news-events/news/2026/04/nist-updates-nvd-operations-address-record-cve-growth https://github.com/Nightmare-Eclipse/YellowKey  https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack  https://x.com/AlvieriD/status/2053835732658143416   Chapters 00:00 Introduction to Vulnerability Research and AI 03:42 NIST and CVE Growth Challenges 06:46 Building Tools for CVE Analysis 10:58 The Complexity of CVSS Scoring 15:08 CISA's Role in Vulnerability Enrichment 18:06 Challenges in CWE and CPE Data 19:55 The Future of Vulnerability Research 27:18 BitLocker Bypass: A Case Study 33:05 Exploring the Complexity of Windows Features 34:49 Speculation on Microsoft and Conspiracy Theories 35:57 The Impact of BIOS Passwords on Security 39:12 The Foxconn Breach: A Major Data Compromise 47:34 Supply Chain Attacks on Package Managers 51:13 Deceptive Techniques in Cybersecurity

NOW PLAYING

YellowKey, CVE Enrichment, Chipmaker Breach - BTS #74

0:00 54:52

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Below the Surface (Audio) - The Supply Chain Security Podcast?

This episode is 54 minutes long.

When was this Below the Surface (Audio) - The Supply Chain Security Podcast episode published?

This episode was published on May 19, 2026.

What is this episode about?

In this episode, we explore recent vulnerabilities, the YellowKey BitLocker bypass, supply chain security, CVE data analysis, and the implications of hardware breaches like the one at Foxconn. We also delve into AI's role in vulnerability research...

Can I download this Below the Surface (Audio) - The Supply Chain Security Podcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!