Media and entertainment sector organizations worldwide are under attack by the threat actor using the Linux version of the IceFire ransomware. SentinelLabs first made this observation and found that criminals abused a deserialization bug in IBM Aspera Faspex file sharing software, tracked as CVE-2022-47986. Its Windows version is known to spread via phishing messages.