So an attacker in any router between you and your destination server, which can cross various countries' borders, is not part of your "threat model", but you expected to read about hardware security tokens? The ones that prevent against physical access leading to a key compromise? In CVSS terms, that's two levels up (from attack vector: adjacent to attack vector: physical) and considered much less likely.
I'm probably misunderstanding what you meant, but between those two I'd say MITM is a much higher risk than someone being able to break everything to the point where you need a yubikey/HSM to protect your keys.
I would say that backdooring a carrier router is at least one order of magnitude harder and less common than endpoint malware that can steal regular files in your home directory and log keystrokes.
I'm probably misunderstanding what you meant, but between those two I'd say MITM is a much higher risk than someone being able to break everything to the point where you need a yubikey/HSM to protect your keys.