“The secret of getting ahead is getting started.” – Mark Twain
Happy Cybersecurity Awareness Month! October is here, and with the Information Warfare Summit 2025 now behind us, there’s no better time to launch something new.
Welcome to the first edition of The Pinpoint Protocol — a weekly newsletter from Pinpoint Security focused on all things cybersecurity, with a special spotlight on the communities we serve.
What to Expect
Each week, you’ll receive:
• A short editorial from one of our team members on a timely security topic.
• A practical security tip you can apply immediately.
• A curated roundup of the top cybersecurity stories of the week.
Our goal? To deliver the best cybersecurity insights you can read in five minutes or less — straight to your inbox, once a week.
Enjoy what you read? Share it with a colleague, comment or subscribe. We’d love your feedback.
🔒 Security Tip of the Week: Turn It Off!
Did you know that many types of mobile malware don’t survive a reboot? Regularly powering down your phone is a simple but effective habit that can reduce risk and improve performance.
Make it a weekly ritual — turn off your device, disconnect, and recharge (both your phone and yourself). A short digital break can do wonders for your focus and mental health.
Remember: the most secure computer is encased in concrete at the bottom of the ocean. 😄 But until you go that far, just power down once in a while and stay secure.
-Stephen
📰 Weekly News Roundup:
Here are some of the top cybersecurity stories from the past 7 days.
🛡️ F5 Networks Discloses Major Nation-State Breach of BIG-IP Source Code
F5 Networks disclosed a breach attributed to a “highly sophisticated nation-state threat actor” who stole portions of the BIG-IP proprietary source code and information on undisclosed product vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive requiring federal agencies to inventory and secure their F5 BIG-IP products due to the elevated risk of exploitation from this stolen data.
Reference: The Hacker News
URL: https://thehackernews.com/2025/10/f5-breach-exposes-big-ip-source-code.html
💻 Microsoft October Patch Tuesday Fixes Three Actively Exploited Zero-Days
Microsoft’s October 2025 Patch Tuesday addressed a total of 172 vulnerabilities, including three zero-day flaws that were being actively exploited in the wild. The critical zero-days are: CVE-2025-24990 and CVE-2025-24052 (Elevation of Privilege in a third-party Windows Agere Modem Driver, which Microsoft is now removing), and CVE-2025-59230 (Elevation of Privilege in Windows Remote Access Connection Manager).
Reference: Bleeping Computer
URL: https://www.bleepingcomputer.com/news/microsoft/microsoft-october-2025-patch-tuesday-fixes-6-zero-days-172-flaws/
✈️ Qantas Customer Data Leaked by Scattered Lapsus$ Hunters Group
The “Scattered Lapsus$ Hunters” cyber extortion group reportedly leaked the personal information of 5.7 million Qantas customers after a ransom deadline passed on October 11. This incident is part of a larger campaign by the group—an alliance including Scattered Spider and ShinyHunters—which claimed to have stolen data from numerous companies that use Salesforce-based systems.
Reference: Bright Defense
URL: https://www.brightdefense.com/resources/recent-data-breaches/
🚨 Critical Adobe Experience Manager Flaw Added to CISA’s Actively Exploited List
CISA added a critical security misconfiguration flaw in Adobe Experience Manager (AEM) Forms, tracked as CVE-2025-54253 (CVSS 10.0), to its Known Exploited Vulnerabilities catalog. The flaw could allow an unauthenticated attacker to execute arbitrary code, and organizations are being urgently warned to patch due to confirmed active exploitation.
Reference: WIU Cybersecurity Center
URL: https://www.wiu.edu/cybersecuritycenter/cybernews.php
🏦 Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign
Google Threat Intelligence Group (GTIG) and Mandiant detailed an active, widespread extortion campaign targeting Oracle E-Business Suite (EBS) customers using what was a zero-day vulnerability (CVE-2025-61882) to exfiltrate documents. The threat actors are sending high-volume emails to executives, claiming to have breached their EBS application and demanding ransom. Oracle has since released emergency patches.
Reference: Google Cloud Blog
URL: https://cloud.google.com/blog/topics/threat-intelligence/oracle-ebusiness-suite-zero-day-exploitation