I have no idea how the secure element works, but coldcard has two of them so that's cool.
both of them have viable laser fault injection attacks meaning you only need the expensive (probably $300k max) equipment, but that’s nothing as you can reuse it for as many wallets as you prefer
both of them are IoT grade shit (and at least one lacks any CC certification) that don’t have the same basic protections as any credit card within the last 15 years
Ledger Donjon hasn't managed to break the MK4 yet, and I guess they have all the nice equipment. Seems like the most secure hww that is currently available imo. https://www.ledger.com/blog/category/donjon
yes, they have, the SE2 used by CC Mk4 is broken (source: Coinkite), and SE1 also has been broken (source: a talk by the Ledger Donjon team)