Version 9.602 of the Sophos Unified Threat Management platform fixes vulnerabilities in OpenSSH, Apache HTTP, and a component that processes incoming mail. Germany’s DFN-CERT issued an advisory issued by the German government. The update is currently only available via FTP and will be rolled out in the future via Sophos’ Up2Date servers. Not much is known about this attack and it was given an internal Sophos bug ID of NUTM-10480 in the release notes.
Source: https://www.bleepingcomputer.com/news/security/sophos-utm-9602-released-that-fixes-3-vulnerabilities/