Sure: https://arstechnica.com/information-technology/2023/05/leak-...

The gaggle of moving parts that are involved in the PC world make security and privacy substantially more challenging because of nonsense like this - a vendor with rubbish security (not even an HSM for critical signing keys!) compromising the broader world.

Thanks. It seems this confirms that my own keys are more secure, because with them such problem couldn't occur.