At least one entity was compromised through a critical pre-authentication YAML deserialization vulnerability in IBM Aspera Faspex file transfer service; a patch was issued in January.
Article Link: Unpatched IBM Aspera Faspex file transfer service under active attack | SC Media