Effectively, you should treat a yubikey compromised if you suspect it could be tampered with by a third party. But that was already the case previously. It just got a *bit* easier.
How does the recently disclosed yubikey vulnerability affect nostr:npub1casacasahesdrpu6npfth2t0ae37a2cdwwg3c4fkt30v7gzffx3q7wtzdc customers nostr:note1mpgj98jf0ak957c6k80lu0j3s4lswzvxztzrdvhdrswkgtl7kf2q9hfzz5
Effectively, you should treat a yubikey compromised if you suspect it could be tampered with by a third party. But that was already the case previously. It just got a *bit* easier.