Mathy Vanhoef and Frank Piessens of KU Leuve have discovered a critical flaw in the way WPA2 encryption for all known WiFi implementations. Some time to caveat on the width of the discovery, the attacker needs physical access to the network, and will only see non-encrypted transmissions. Until the vendors patch their implementations the only interim solution is to treat your home WiFi as you would a public WiFi, using HTTPS and in an ideal world VPN form the individual client.
This overview on Github shows the current state of fixes from the vendors. I somewhat sadly note that the majority of my HW is under the “No Known Official Response” category!