Yes, I don't know why the community thinks coldcard is the most secure wallet, it is not. 

First of all, it changes its model and architecture too often.

Secondly, they have already had problems with secure element providers and have had to switch to one of them.

Third, it uses Secure Element, which is not recommended in cryptography.

Fourth, it uses RFC6979 signatures to mitigate the attack mentioned in the article, which as mentioned in the article is dangerous and impractical. 

Fifth, it is not opensource and they took advantage of the trezor architecture.