Anyone hip to their authenticity (with a '.com" appended) ???
Effect: somehow--maybe by a kid-in-basement mimicking same
--have hijacked any attempts to reach "KQED Radio- or TV- Daily Listings" ..since yesterday.

While there are no other OS X glitches anywhere else yet evident I have resisted--sans sand-box(?)--to just go there.
Google has LOTs re 'Sectigo': who appear to be vastly involved in the entire SSL-matters and alleged insecurities therein.

I'd doubt that the [actual]-site could be on a malware list ..with that-much covereage--wouldn't you? So I won't try--direct, anyway.
Am 'I' pwned or is KQED pwned--or neither {sigh}

Safari presents a Warning (going --> addy @ KQED), with a couple drill-downs: (freezes all other operations,
uncopiable, un-screen-copiable etc) as such Attention! messages would.

FIRST: "This website may be impersonating 'www.kqed[com]' to steal your personal or financial information.
You should go back to previous page." [Details] and [Go Back] == only radio-button options.

SECOND Trying [Details] Door:
more boxes featuring Red-icon with a /-thru a-lock,
"This Website Is Not Private"
... website has an expired Certificate ...
.. website misconfigured? your clock set to May 31 [Not, yesterday]

THIRD: (view Cert) Rectangle, box
[Red] Add Trust Extend CA Root
[Red] User Trust RSA Certificate Authority
[Red] Sectigo RSA Extended Validation Secure Server CA

FOURTH: www.kqed[org]
Issued by (last-line ^above^)
Sunday March 21, 2021 ... (Exp. date)
[Red-all] This certificate has an invalid issuer
>(tilted, filled triangle) [Details] == No=op, not a link.

That's it; I presume this is utterly-familiar to you boffins maybe unto a er, Solution?
Local 'Pro' I had OK'd to put on a trial-'Malwarebytes' scanner. It ran ~2min, 3X.. No Comment re (Quit unexpectedly, say, if Outsmarted)
nor ANY summary; I presume that means: No News is what you'd think, butIcouldbeRong.

Thanks for peeping.
I shoulda gone into Animal Husbandry (but ..But: Phlogiston happened), got hooked on this unbridled Curiosity stuff. :-/

Keychain Access.app invoked; options:
All Items
Passwords
Secure Notes
My Certificates
Keys
Certificates ... [pity: no bloody Cut/Paste, just stone-knives. bearskins to re-write]

[All Items] 17 items (incl "CUPS Self-Signed Certificate", as 'private key': more below on That] no mention of 'Sectigo'
Also: https://talkingpointsmemo.com/edblog/surveying-the-whirlwind AS: c-73-158-167-161.hsd1.ca.comcast.net

Thence root-login and display of that last "c-73-i58 item ... gets new window:

Icon says: [Certificate; below that: Root] Its bolded header IS ""c-73-i58 item" and last line of Intro sez, This root certificate is not trusted [in Red]
It seems that I can delete this entry.. maybe should but await Instruction. Presumably the other 16 items will continue to operate unremarkably.

If I focus on mentioned CUPS line, Rt-click gets {Sigh} more options:
Copy, Paste, Delete
Export
Get info
Create a Cert w/Cups ditto
Request a Certificate From a Certificate Authority w/ditto-name
Create a Certificate Authority With w/ditto-name

{Particle accelerators are more complex but sans boring, endless drill-downs of arbitrary /opaque intent :-/

Sorry if this is too-much; sorrier if it's not-Enough, eh? n-Thanks for sharing the Excitement of RED-things appearing.
Is it likely that simply Deleting that reddish-LINE can undo the Evil black-listing of kqed?
I'm All Ears, (Ah feels the Power of ... Admin-for ..a couple hours) ;^>

Repeat: Sectigo appears nowhere atop/within any of these texts.
Checking 'Spotlite', for giggles: Nope, That doesn't find any iteration save the obvious refs re this Query,

Over /Out ... need some Southrun Comfort in the coffee, lest lapsing into a crazed .. ...rm -r hda0

Discovered *CUPS back in the Knoppix days, should have recalled that (guess I imagined that, if nuked, it would re-create-self on a reboot). Part-2: but not if it calls the same cert from same place. Duh.
* even managed to make it er, Print {pats ego mildly}.

In any event -- I didn't. :)

As to Box's confirmation of similar conflagration, surely we'll hear soon (?) if this was Vlad-the-Impaler or similar.
Don't care lots about the silly-level inconvenience; next: is someone fabricating an App, should this fix need a bit of individual action by multitudes..

Apreciate the brain-work, again.

Trying your link gets the SAME-as-'kqed ...' [Read your post after the what-I-See post.]

This Connection Is Not Private

Hope that's a Boolean *Ding *Ding
Dunno if Server Certificate chain is an aspect of the Keychain? (yet)
Clearly from present FULL_Stop I couldn't peep the dread Sectigo universa at all.

Thanks for the tip! ..now Doubly!!