"No active attempts"
"Progress Software said" of course. Because indeed, they don't see or notice them. Quite a stretchy assumption to jump to "no active attempts".
Security researchers have spotted what they believe to be a "possible mass exploitation" of vulnerabilities in Progress Software's WS_FTP Server. Researchers at Rapid7 began noticing evidence of exploitation on 30 September across multiple instances of WS_FTP. Progress released fixes for eight separate vulnerabilities in …
"WS_FTP is available since 1991"
WS_FTP was originally written in 1993.
Windows Sockets was first seriously proposed in late 1991 (at Interop in San Jose). It was later known as Winsock (thus WS_FTP), and wasn't available until mid '92, but it wasn't really usable until early '93 ... although I (as a Berkeley networking guy) could easily make a case for the thing not really being ready for Prime Time until early '94 when ver. 2 came out.
are people seriously still using FTP in 2023? what's up with SSH / SCP
You may be shocked to learn that Alphabet Inc doesn't just go around selling alphanumeric characters, Amazon.com has nothing to do with the rain forest or river, Twitter.com will not sell you any birds, Facebook offers neither books or faces, etc.
WS_FTP also, strangely enough, supports more than just the "FTP" protocol. Since at least 2010, they have offered SFTP support:
https://www.serverwatch.com/servers/getting-started-with-ipswitchs-ftp-server-ws_ftp-server-7-5/
"Everyone still living in the 1990's very worried."
I think you'll find that many large corporations and governments use WS_FTP all the time. If you absolutely have to use software from Redmond and you need that kind of thing, WS-FTP is probably the best mass-market solution.
No, I don't use it; I have better solutions.