The FIDO Alliance put out an official statement in response to recent security research reports and conference talks that misrepresent endpoint compromise as "passkey vulnerabilities" 馃敟
https://fidoalliance.org/passkeys-are-not-broken-the-conversation-about-them-often-is/