I’ve already blogged this at ESET (3rd link down), so these are just links, but quite a few of them. The first is the actual Cambridge paper (or rather a draft thereof).
Chip and PIN is Broken (Steven J. Murdoch, Saar Drimer, Ross Anderson, Mike Bond), University of Cambridge Computer Laboratory
Chip and PIN is broken: http://www.lightbluetouchpaper.org/2010/02/11/chip-and-pin-is-broken/
Has Chip & PIN Had Its Chips?: http://www.eset.com/threat-center/blog/2010/02/12/has-chip-pin-had-its-chips
PIN check in EMV protocol for EC and credit cards bypassed: http://www.h-online.com/security/news/item/PIN-check-in-EMV-protocol-for-EC-and-credit-cards-bypassed-929784.html
Chip and PIN system on banking cards seriously flawed: http://www.net-security.org/secworld.php?id=8862&utm_source=twitterfeed&utm_medium=ping.fm&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29
Chip and PIN Security Completely Broken by New Attack