You must log in or # to comment.
TLDR; the attack is very sophisticated, require hardware access and specialized tools. On the other hand its not possible to patch the vulnerability
To add:
All YubiKeys running firmware prior to version 5.7—which was released in May and replaces the Infineon cryptolibrary with a custom one—are vulnerable.
So if you bought your key from June onward, you are most likely in the clear.
I have two of these is there anything else more secure?