Here's a demo of the attack.
Chances for a patch are slim, as the company didn't patch a previous 2016 issue he reported in the same keyboard: syss.de/fileadmin/doku…
They're not safe!
They may be convenient in some scenarios, but they're not safe for the enterprise, government, public spaces, or if you have sensitive data on a particular machine
I deserve some kind of moron journalist of the year award