The title is vague, my first thought was "We already have MLKEM". Which is enough against passive attackers.

The article apparently is about the CA/certs for authenticating the server, a part of HTTPS