Still a bit sleepy but maybe some of the people here should check if they are affected. I am uncertain what is the actionable thing to do is other than update your BIOS (if available) and maybe your OS as well.
TLDR (from the article):
For Linux users, run
efi-readvar -v PK
If it returns something like
Subject:
CN=DO NOT TRUST - AMI Test PK
Issuer:
CN=DO NOT TRUST - AMI Test PK
you are affected.
For Windows users, run
> [System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI
PK).bytes) -match "DO NOT TRUST|DO NOT SHIP"
True
Near the end of the article has a list of 215 devices that use the compromised key, as revealed by Binarly (mostly Gigabyte)