NEW: The YubiKey 5, a widely used hardware token for two-factor authentication, has a cryptographic flaw that makes it vulnerable to cloning if an attacker briefly gains physical access.

This flaw, known as a side channel, exists in the microcontroller used in many authentication devices, including banking smartcards, electronic passports, and secure access systems.