Wired

YubiKeys Are a Security Gold Standard—but They Can Be Cloned

The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-sized device vulnerable to cloning when ...
TechSpot

Newly discovered flaw makes some YubiKeys vulnerable to cloning

In context: The YubiKey is a hardware security key that simplifies two-factor authentication. Instead of receiving codes via text or an app, users simply tap the YubiKey when logging into accounts, ...
Engadget

YubiKey vulnerability will let attackers clone the authentication device

NinjaLab, a security research company, has discovered a vulnerability that would allow bad actors to clone YubiKeys. As the company has explained in a security advisory, NinjaLab found a vulnerability ...
Gizmodo

It’s Possible to Clone YubiKeys Thanks to a Newly Discovered Vulnerability

Security researchers have discovered a vulnerability in YubiKey 5 that would allow a dedicated and resourceful hacker to clone the device. As first spotted by Ars Technica, the vulnerability is thanks ...
Infosecurity-magazine.com

Researcher Finds Unfixable Yet Tricky to Exploit Flaw in Yubikeys

Some versions of Yubikeys, one of the most widely used two-factor authentication (2FA) hardware tools, are vulnerable to side-channel attacks. Thomas Roche, security expert and co-founder of NinjaLab, ...
CSOonline

Hackers are cloning YubiKeys via new side-channel exploit

Rated of moderate severity, the flaw affects YubiKey 5 series and Security Key Series with firmware earlier than version 5.7, and YubiHSM 2 versions prior to 2.4.0. And the devices are impossible to ...