Google released the Titan Security Key last year to focus on two-factor authentication. The kit comes with a USB Type-A key and a battery-powered Bluetooth / NFC key. Both can be configured with Google Accounts as a 2FA method. The last thing you want in your security key is a security hole, but that's what's been discovered.
Google announced today on its security blog that a bug in the Bluetooth key was discovered, unless you are a world leader or espionage agent, you probably have nothing to worry about. The error allows an attacker who is physically nearby (within 30 feet) to communicate with the device the key is paired with, but only if you pair the key or log in to an account at the same time.
Google recommends that Titan security key owners continue to use the keys as normal while sending free replacement. In a similar context, the kit was on the Google Store for several months, but is now back in stock.