Secure Boot Compromised Across Hundreds of PC Models
A leaked cryptographic key has undermined the Secure Boot feature on devices from major manufacturers, exposing them to potential malware attacks.
- Over 200 device models from Acer, Dell, Gigabyte, Intel, and others are affected by the compromised key.
- The key, leaked in 2022, was found in a public GitHub repository and protected by a weak four-character password.
- An additional 300 models use insecure test keys labeled 'DO NOT TRUST' provided by American Megatrends, Inc.
- Researchers emphasize the need for BIOS updates to mitigate the security risk, but many devices remain vulnerable.
- The issue, dubbed PKfail, highlights systemic failures in cryptographic key management across the supply chain.
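A defender can check a machine for the 'DO NOT TRUST' test keys mentioned above by parsing its Platform Key (PK) variable. The sketch below is an added example, not code from the researchers or any vendor. It assumes a Linux host exposing efivarfs, uses the `EFI_SIGNATURE_LIST` layout from the UEFI specification, and matches on the label text inside the raw certificate bytes as a heuristic. The function names and the `build_list` sample builder are hypothetical.

```python
import struct
import uuid

# EFI_CERT_X509_GUID from the UEFI specification
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
# efivarfs path of the PK variable (EFI_GLOBAL_VARIABLE GUID); assumes Linux
PK_PATH = "/sys/firmware/efi/efivars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c"
MARKER = b"DO NOT TRUST"  # label quoted in the text above

def parse_signature_lists(data):
    """Yield (type, owner, sig_data) from concatenated EFI_SIGNATURE_LISTs."""
    off = 0
    while off + 28 <= len(data):
        sig_type = uuid.UUID(bytes_le=data[off:off + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", data, off + 16)
        if list_size < 28 or off + list_size > len(data) or sig_size < 16:
            raise ValueError("malformed EFI_SIGNATURE_LIST at offset %d" % off)
        pos, end = off + 28 + hdr_size, off + list_size
        while pos + sig_size <= end:
            owner = uuid.UUID(bytes_le=data[pos:pos + 16])
            yield sig_type, owner, data[pos + 16:pos + sig_size]
            pos += sig_size
        off = end

def find_test_keys(data):
    """Return owner GUIDs of X.509 entries whose bytes contain the marker."""
    return [owner
            for sig_type, owner, cert in parse_signature_lists(data)
            if sig_type == EFI_CERT_X509_GUID and MARKER in cert.upper()]

def read_pk(path=PK_PATH):
    """Read the PK variable; efivarfs prepends 4 attribute bytes."""
    with open(path, "rb") as f:
        return f.read()[4:]

def build_list(owner, cert):
    """Build one signature list for constructed sample input (not a real PK)."""
    sig = owner.bytes_le + cert
    return EFI_CERT_X509_GUID.bytes_le + struct.pack("<III", 28 + len(sig), 0, len(sig)) + sig

if __name__ == "__main__":
    try:
        hits = find_test_keys(read_pk())
        print("test PK found, owner(s): %s" % hits if hits else "no test-key marker in PK")
    except OSError as exc:
        print("could not read PK variable: %s" % exc)
```

A clean result only rules out the labelled test keys; it does not show whether the PK is the separately leaked key, which requires comparing against the vendor's advisory.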