diff --git a/howto/yubikey.md b/howto/yubikey.md
index 43faa131c47ddcebd6536a980f25358d3a395041..fe00bae1fa64e17c095b3161fe7f194486f4e047 100644
--- a/howto/yubikey.md
+++ b/howto/yubikey.md
@@ -502,7 +502,8 @@ are two reasons for this:
     considerations for storing encryption keys](#special-considerations-for-storing-encryption-key)
 
  2. entropy sources on security keys have been known to be flawed in
-    the past
+    the past, including on Yubikeys, see for example the [infineon
+    vulnerability](https://support.yubico.com/hc/en-us/articles/360021803580)
 
 ### Export to backup