Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment

An emerging ransomware strain has been discovered incorporating capabilities to encrypt files as well as permanently erase them, a development that has been described as a “rare dual-threat.”
“The ransomware features a ‘wipe mode,’ which permanently erases files, rendering recovery impossible even if the ransom is paid,” Trend Micro researchers Maristel Policarpio, Sarah Pearl Camiling, and

Source: Read More

CVE-2025-38223 – Ceph: Kernel BUG on encrypted inode with unaligned file size

July 4, 2025

CVE ID : CVE-2025-38223

Published : July 4, 2025, 2:15 p.m. | 4 hours, 57 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

ceph: avoid kernel BUG for encrypted inode with unaligned file size

The generic/397 test hits a BUG_ON for the case of encrypted inode with
unaligned file size (for example, 33K or 1K):

[ 877.737811] run fstests generic/397 at 2025-01-03 12:34:40
[ 877.875761] libceph: mon0 (2)127.0.0.1:40674 session established
[ 877.876130] libceph: client4614 fsid 19b90bca-f1ae-47a6-93dd-0b03ee637949
[ 877.991965] libceph: mon0 (2)127.0.0.1:40674 session established
[ 877.992334] libceph: client4617 fsid 19b90bca-f1ae-47a6-93dd-0b03ee637949
[ 878.017234] libceph: mon0 (2)127.0.0.1:40674 session established
[ 878.017594] libceph: client4620 fsid 19b90bca-f1ae-47a6-93dd-0b03ee637949
[ 878.031394] xfs_io (pid 18988) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[ 878.054528] libceph: mon0 (2)127.0.0.1:40674 session established
[ 878.054892] libceph: client4623 fsid 19b90bca-f1ae-47a6-93dd-0b03ee637949
[ 878.070287] libceph: mon0 (2)127.0.0.1:40674 session established
[ 878.070704] libceph: client4626 fsid 19b90bca-f1ae-47a6-93dd-0b03ee637949
[ 878.264586] libceph: mon0 (2)127.0.0.1:40674 session established
[ 878.265258] libceph: client4629 fsid 19b90bca-f1ae-47a6-93dd-0b03ee637949
[ 878.374578] ———–[ cut here ]————
[ 878.374586] kernel BUG at net/ceph/messenger.c:1070!
[ 878.375150] Oops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI
[ 878.378145] CPU: 2 UID: 0 PID: 4759 Comm: kworker/2:9 Not tainted 6.13.0-rc5+ #1
[ 878.378969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
[ 878.380167] Workqueue: ceph-msgr ceph_con_workfn
[ 878.381639] RIP: 0010:ceph_msg_data_cursor_init+0x42/0x50
[ 878.382152] Code: 89 17 48 8b 46 70 55 48 89 47 08 c7 47 18 00 00 00 00 48 89 e5 e8 de cc ff ff 5d 31 c0 31 d2 31 f6 31 ff c3 cc cc cc cc 0f 0b 0b 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90
[ 878.383928] RSP: 0018:ffffb4ffc7cbbd28 EFLAGS: 00010287
[ 878.384447] RAX: ffffffff82bb9ac0 RBX: ffff981390c2f1f8 RCX: 0000000000000000
[ 878.385129] RDX: 0000000000009000 RSI: ffff981288232b58 RDI: ffff981390c2f378
[ 878.385839] RBP: ffffb4ffc7cbbe18 R08: 0000000000000000 R09: 0000000000000000
[ 878.386539] R10: 0000000000000000 R11: 0000000000000000 R12: ffff981390c2f030
[ 878.387203] R13: ffff981288232b58 R14: 0000000000000029 R15: 0000000000000001
[ 878.387877] FS: 0000000000000000(0000) GS:ffff9814b7900000(0000) knlGS:0000000000000000
[ 878.388663] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 878.389212] CR2: 00005e106a0554e0 CR3: 0000000112bf0001 CR4: 0000000000772ef0
[ 878.389921] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 878.390620] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 878.391307] PKRU: 55555554
[ 878.391567] Call Trace:
[ 878.391807]
[ 878.392021] ? show_regs+0x71/0x90
[ 878.392391] ? die+0x38/0xa0
[ 878.392667] ? do_trap+0xdb/0x100
[ 878.392981] ? do_error_trap+0x75/0xb0
[ 878.393372] ? ceph_msg_data_cursor_init+0x42/0x50
[ 878.393842] ? exc_invalid_op+0x53/0x80
[ 878.394232] ? ceph_msg_data_cursor_init+0x42/0x50
[ 878.394694] ? asm_exc_invalid_op+0x1b/0x20
[ 878.395099] ? ceph_msg_data_cursor_init+0x42/0x50
[ 878.395583] ? ceph_con_v2_try_read+0xd16/0x2220
[ 878.396027] ? _raw_spin_unlock+0xe/0x40
[ 878.396428] ? raw_spin_rq_unlock+0x10/0x40
[ 878.396842] ? finish_task_switch.isra.0+0x97/0x310
[ 878.397338] ? __schedule+0x44b/0x16b0
[ 878.397738] ceph_con_workfn+0x326/0x750
[ 878.398121] process_one_work+0x188/0x3d0
[ 878.398522] ? __pfx_worker_thread+0x10/0x10
[ 878.398929] worker_thread+0x2b5/0x3c0
[ 878.399310] ? __pfx_worker_thread+0x10/0x10
[ 878.399727] kthread+0xe1/0x120
[ 878.400031] ? __pfx_kthread+0x10/0x10
[ 878.400431] ret_from_fork+0x43/0x70
[ 878.400771] ? __pfx_kthread+0x10/0x10
[ 878.401127] ret_from_fork_asm+0x1a/0x30
[ 878.401543]
[ 878.401760] Modules l
—truncated—

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

The Core Model: Start FROM The Answer, Not WITH The Solution

Anthropic beats OpenAI as the top LLM provider for business – and it’s not even close

I bought Samsung’s Galaxy Watch Ultra 2025 – here’s why I have buyer’s remorse

I can admit when I’m wrong — this 75% wireless gaming keyboard is way better than I thought it would be

This is Microsoft’s canceled Windows-based Surface Duo — the dual-screen Windows Phone from 2018 that we never got

The details of TC39’s last meeting

The details of TC39’s last meeting

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

I can admit when I’m wrong — this 75% wireless gaming keyboard is way better than I thought it would be

I can admit when I’m wrong — this 75% wireless gaming keyboard is way better than I thought it would be

This is Microsoft’s canceled Windows-based Surface Duo — the dual-screen Windows Phone from 2018 that we never got

Looking for an Ubuntu Manual? Try This Book

Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment

Scaling Up Reinforcement Learning for Traffic Smoothing: A 100-AV Highway Deployment

Repurposing Protein Folding Models for Generation with Latent Diffusion

Cisco ClamAV Critical Flaws: CVE-2025-20260 (CVSS 9.8) Allows Code Execution

CVE-2025-38001 – Linux Kernel Netem HFSC Double Insertion Uninitialized Use After Free

How to Budget Smartly for Your First AI Project: A Step-by-Step Guide💡

OpenSees – Open System for Earthquake Engineering Simulation

CVE-2025-38223 – Ceph: Kernel BUG on encrypted inode with unaligned file size

How Can Cloud-Native Architecture Enhance Your DevOps Practices

Qwen3 family of reasoning models now available in Amazon Bedrock Marketplace and Amazon SageMaker JumpStart

CVE-2025-3786 – Tenda AC15 Wireless Repeat Buffer Overflow Vulnerability

Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment

Related Posts