Oh well, looks like this is the answer, there was an allow rule for Docker for all incoming traffic... Don't remember setting that one..., but definitely changed that to a "block" now.
What other software do you run in your network? I got affected by this too, nothing of value was lost so I'm going to create DB from 0. Logs point me to home-assistant trying to bruteforce the postgres database. I'm not running windows.