The write up on the recently discovered YubiKey flaw includes this important line relevant to the vast majority of people using them:
"Thus, as far as the work presented here goes, it is still safer to use your YubiKey or other impacted products as FIDO hardware authentication token to sign in to applications rather than not using one."
But it's still interesting.
https://ninjalab.io/eucleak/