Are you a Chromebook user? If so, make sure you have updated to Chrome OS 75 or later to receive a fix for a vulnerability in a "built-in security key" feature. Learn more:
Google is urging Chromebook users to update devices to fix a critical vulnerability in an experimental Chrome OS feature that handles two-factor authentication procedures.
The vulnerability impacts the Chrome OS feature known as the "built-in security key." The feature works by allowing users to use a Chromebook device similar to a hardware-based USB/NFC/Bluetooth security key.
The feature can be used when registering or logging into a website. Users can press the Chromebook power button, which will send a cryptographic token to the website, similar to how a classic hardware key would normally work. The difference is that the user is using his Chromebook as proof of ownership and identity, instead of a small USB, NFC, or Bluetooth-based key.