The Verge

YubiKeys have an unfixable security flaw — but it’s difficult to exploit

Posts from this topic will be added to your daily email digest and your homepage feed. The vulnerability impacts almost all older YubiKey security tokens. The vulnerability impacts almost all older ...
Forbes

Yubico Issues YubiKey Manager Security Alert For Windows Users

When it comes to user authentication, there are many options available, from passwords at the weaker end of the security spectrum to hardware keys at the other. But what if the hardware security key ...
TechSpot

Newly discovered flaw makes some YubiKeys vulnerable to cloning

In context: The YubiKey is a hardware security key that simplifies two-factor authentication. Instead of receiving codes via text or an app, users simply tap the YubiKey when logging into accounts, ...
TechRepublic

Hardware-bound passkeys are still ultimate in security: Yubico VP

Hardware-bound passkeys are still ultimate in security: Yubico VP Your email has been sent Derek Hanson, Yubico’s VP of standards and alliances and an industry expert on passkeys, discusses why device ...
Bleeping Computer

New Eucleak attack lets threat actors clone YubiKey FIDO keys

A new "EUCLEAK" flaw found in FIDO devices using the Infineon SLE78 security microcontroller, like Yubico's YubiKey 5 Series, allows attackers to extract Elliptic Curve Digital Signature Algorithm ...
Ars Technica

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

That's a bad tradeoff that mostly leads to people continuing to use vulnerable products. Instead they should support digitally signed firmware updates, perhaps zeroizing existing keys during the ...