I have updated my GPG key, revoking ID
0x35076cbaa663a704 and replacing it with
0x57974c5b48a00d9b (find it on keyservers).
The Yubikey I used for my personal accounts had a known Infineon security vulnerability. Yubikey replaced this for free, an example of really good customer service. I held off extending or revoking the key but have now decided to generate a completely new one offline.
The replacement can be seen and verified on Keybase.