Not sure If this is what they're referring to, but 10 years ago Lenovo shipped low-end laptops with pre-installed adware called Superfish that also compromised the HTTPS certificate chain:

https://www.cisa.gov/news-events/alerts/2015/02/20/lenovo-su...

Pretty terrible, but it was never on the high-end laptops, and plenty of HN folks are running Lenovo ThinkPads anyway.