Ars Technica

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-size device vulnerable to cloning when ...
Ars Technica

yubikey deep dive

I've now spent a significant amount of effort exploring the ways to use yubikeys that extend beyond the basic web authentication. These are incredibly capable devices but you have to know what you're ...