The Spectre attack exposed processors to memory disclosure attacks. Manipulation of indirect kernel calls may allow side channel retrieval of memory content (Branch Target Injection). The Linux kernel was subsequently enhanced to mitigate this Variant II attack using the retpoline feature.
https://krebsonsecurity.com/2018/07/google-security-keys-neutralized-employee-phishing/ Such a simple authentication factor (simulating a keyboard) but very powerful in what it delivers. All organisations should consider these devices for end users.