Oh d*#n, it looks like MVPS is the culprit.
When running the defender_updater.py one sees that there is a certificate error connecting to MVPS.org:
But connecting via browser or openssl works flawlessly.
Does python use another certificate store? (tested with SFOS 3.2 only now)
MVPS.org uses LetsEncrypt whose root cert might have been run out…