PRIVACY RISK
LinkedIn Expands AI Training and Data Sharing with Microsoft Across Multiple Regions
LinkedIn announced on November 3, 2025, significant updates to its Terms of Service and Privacy Policy, including the expansion of user data usage for AI training and enhanced data sharing with parent company Microsoft. The changes affect members globally, with region-specific implementations for the EU, EEA, Switzerland, UK, Canada, Hong Kong, and other countries including the United States. LinkedIn began using member data, including profile details and public content, but excluding private messages, to train content-generating AI models designed to help hirers find candidates and assist members in creating profile updates, messages, and posts.
For members in the EU, EEA, Switzerland, and UK, LinkedIn relies on legitimate interest as the legal basis for processing data for AI training purposes, with opt-out options available in user settings. In Canada, Hong Kong, and all other countries including the US, LinkedIn expanded data sharing with Microsoft to include LinkedIn profile data, feed activity data, and ad engagement data, enabling Microsoft to show more personalized ads across its family of products. The company emphasized that it honored all prior setting choices and that no settings were removed for any members in any regions, though users must actively opt out if they prefer not to have their data used for these purposes.
LinkedIn defined "Affiliate" as a family of companies related by ownership, specifically including LinkedIn Ireland, LinkedIn Corp., Microsoft, and its subsidiaries. The updated User Agreement also added clarity on deep fakes and wrongful impersonations as violations, secondary payment method usage, and appeal processes for LinkedIn decisions. Members who continue using LinkedIn services after November 3, 2025, are deemed to have agreed to the updated terms.
Why This Matters: Organizations using LinkedIn for recruitment or professional networking may need to review how employee and corporate data could be utilized for AI training and cross-platform advertising. The opt-out structure requires active user engagement, which could affect data governance strategies for companies managing corporate LinkedIn accounts or employee professional profiles.
More info
PHYSICAL RISK
Out-of-Control Wildfire Burns 1,000 Hectares in New Zealand's Tongariro National Park
Fire and Emergency New Zealand (FENZ) reported on November 3, 2025, that an out-of-control wildfire in Tongariro National Park on the North Island has expanded to approximately 1,000 hectares. Forty-three hikers and a warden were airlifted from Mangatepopo Hut on Saturday, with an additional nine hikers evacuated from Waihohonu Hut on Sunday morning. The Department of Conservation (DOC) closed the Tongariro Crossing and associated areas, while State Highway 47 between Waimarino and Tongariro remains closed with no detours available.
Sam Clarkson, owner of Skotel Alpine Resort, described witnessing flames estimated at 30 meters high stretching across a 4-kilometer front on Saturday night, driven by brisk westerly winds. The fire progressed up Mangatepopo Road toward the Tongariro Crossing, consuming sensitive sub-alpine environments on Pukeonake hill. Despite six weeks of prior rainfall saturating the park, tea tree, the dominant species on the flats and one of New Zealand's most flammable native plants, fueled rapid fire spread after only seven to eight days of fine weather. DOC indicated it expects "significant biodiversity impacts" given the fire's size.
FENZ deployed six fire trucks, five tankers, six helicopters, and two planes to the fireground on Sunday, with Assistant Commander Nick West estimating it could take a full day of operations to bring the fire under control. No structures have been reported damaged or destroyed, and no residents were evacuated overnight. A specialist wildfire investigator is working to determine the cause of the fire, while a no-fly zone covers the airspace over the fireground to protect firefighting aircraft from other aircraft and drones. Residents are urged to stay alert, keep windows and doors shut to minimize smoke exposure, and self-evacuate if feeling unsafe or vulnerable to smoke.
Why This Matters: Organizations with operations or personnel in New Zealand should monitor developments in the Tongariro region, particularly given transport disruptions and air quality concerns.
More info
REPUTATIONAL RISK
Coca-Cola Faces Renewed Boycott Calls Over Second Year of AI-Generated Christmas Advertisements
Coca-Cola released two new AI-generated Christmas advertisements on November 4, 2025, sparking immediate online backlash and calls for boycotts against the soft drink company. The 2025 ads feature anthropomorphic animals admiring red Coca-Cola trucks, marking the company's second consecutive year using generative AI for holiday campaigns despite widespread criticism in 2024. Last year's three AI-generated Christmas ads were widely mocked as "uncanny eyesores," with commentators asserting the use of AI appeared cheap compared to Coca-Cola's traditional wholesome Christmas advertising.
Social media users reacted with anger, with some calling for boycotts and others stating they would switch to Pepsi. Pratik Thakar, head of generative AI at Coca-Cola, told The Hollywood Reporter: "The genie is out of the bottle, and you're not going to put it back in." Much of the backlash centered on perceived threats to workers in advertising and creative fields, as well as concerns about AI disrupting human labor across industries. The Wall Street Journal reported that Coca-Cola declined to comment on the campaign's cost.
The controversy carries particular weight because Coca-Cola is credited with popularizing the modern red-and-white Santa Claus design, and its holiday ads are viewed as an American institution. The AI-generated ads are remakes of the popular hand-crafted 1995 advertisement "Holidays Are Coming."
Why This Matters: Organizations considering AI-generated content for brand campaigns may face reputational challenges, particularly when replacing culturally significant creative work. Consumer sentiment around AI usage could affect brand perception and purchasing decisions in contexts where tradition and human creativity carry emotional significance.
More info
TECHNOLOGICAL RISK
US Congressional Budget Office Confirms Cybersecurity Breach Potentially Exposing Congressional Communications
The U.S. Congressional Budget Office (CBO) announced on November 6, 2025, that it had identified and contained a security incident at the non-partisan agency responsible for providing financial research data to lawmakers. The Washington Post reported the agency was hacked by a suspected foreign actor, though the CBO declined to comment on attribution. The agency stated it implemented additional monitoring and new security controls following the breach discovery, and that congressional work continues while the incident is under investigation.
Officials from the Senate Sergeant at Arms office notified multiple congressional offices on Tuesday of the cyber incident, warning that email communications between the CBO and Senate offices may have been exposed to hackers. According to a notification reviewed by Reuters, officials cautioned that compromised data could be "used to craft highly targeted phishing emails that appear to be legitimate CBO communications." The Washington Post reported that office chat logs may also have been compromised. Senate offices were advised to verify the legitimacy of sources for any email, voice, or text communications purportedly from CBO, particularly those related to the incident.
The CBO, established in 1974, serves as Congress's budget analyst and provides an alternative to information from the White House budget office and other agencies. The agency noted that "like other government agencies and private sector entities, CBO occasionally faces threats to its network and continually monitors to address those threats." The Senate Sergeant at Arms office did not immediately respond to requests for comment.
Why This Matters: The breach of a congressional agency could enable sophisticated phishing campaigns targeting legislative offices and their communications networks.
More info
HEALTH RISK
Europe Faces Surge in Bird Flu Outbreaks with 688 Cases Recorded This Season
European countries are implementing widespread poultry confinement measures as highly pathogenic avian influenza outbreaks reach unprecedented levels, with 688 cases recorded so far this season compared to 189 during the same period last year. Ireland imposed a nationwide housing order for poultry on November 5, 2025, after confirming its first bird flu outbreak in three years, becoming the latest country to mandate indoor confinement. France issued a similar order in October after culling over 20 million birds during the 2021-22 outbreak, while Britain implemented its order on Tuesday, with the Netherlands and Belgium acting in October. In total, 15 out of 27 European Union countries have recorded bird flu outbreaks on farms so far this season.
Germany has been the hardest hit EU country, recording 58 outbreaks on farms between August 1 and the end of October out of a total of 136 for the EU plus Britain, according to data compiled by France's animal health surveillance platform, compared to only eight outbreaks during the same period the previous year. German media reported that approximately one million poultry had to be culled due to the virus, though no nationwide compulsory housing order has been implemented, with several affected states imposing regional measures. Poland, the EU's largest poultry producer, came second with 15 outbreaks and has not required all poultry to be kept indoors.
Nigel Sweetnam, chair of the Irish Farmers' Association National Poultry Committee, noted that "the whole pattern of bird flu is changing," with the virus arriving approximately one month earlier than normal and in different geographical locations. While bird flu typically peaks in autumn with migratory birds, the unusually high number of outbreaks this season has raised concerns for commercial flocks. The disease has led to the death of hundreds of millions of birds in recent years and has spread to dairy cows in the United States, disrupting supply chains, contributing to food price increases, and posing potential human transmission risks.
Why This Matters: Organizations in food production, supply chain management, and agricultural sectors may face operational disruptions and cost increases as containment measures expand across Europe.
More info
LEGAL & REGULATORY RISK
European Commission Opens Antitrust Investigation into Deutsche Börse and Nasdaq Over Derivatives Collusion
The European Commission announced on November 6, 2025, that it has launched an antitrust investigation into German stock market operator Deutsche Börse and US-based Nasdaq over suspected collusion in the financial derivatives trading sector. European Commissioner Teresa Ribera, responsible for enforcing competition rules, stated: "We are investigating whether Deutsche Börse and Nasdaq may have colluded to avoid competing for the listing, trading and clearing of certain financial derivatives." The investigation follows unannounced inspections by Commission investigators in September 2024 at Deutsche Börse and Nasdaq offices.
The Commission expressed concerns that the two companies may have allocated demand, coordinated prices, and exchanged commercially sensitive information in the derivatives market. "If proven, this behaviour may breach EU competition rules that prohibit cartels and restrictive business practices," the Commission stated, while emphasizing that opening an investigation does not necessarily mean rules were broken. According to Commission information, the Deutsche Börse group operates the largest derivatives exchange in the European Economic Area, which includes the EU's 27 member states plus Iceland, Liechtenstein, and Norway, while Nasdaq operates stock exchanges in both the US and Europe.
A Deutsche Börse spokeswoman told Reuters that the company and its subsidiary Eurex, Germany's largest derivatives exchange, had taken note of the investigation announcement and were working constructively with Brussels authorities. She indicated the investigation was at an early stage and that cooperation between Deutsche Börse and Nasdaq stemmed from an accord struck in 1999 that was discussed with the Commission at the time. "The cooperation should promote competition. It was aimed in particular at deepening liquidity in respective Nordic derivative markets and creating efficiency gains. It offered clear advantages for participants in the market and was publicly known," she stated.
Why This Matters: Financial institutions and market participants trading derivatives in European markets may face potential changes to trading infrastructure and clearing arrangements depending on investigation outcomes.
More info
STRATEGIC RISK
Activist Investor Kimmeridge Demands Leadership Overhaul at Coterra Energy, Citing Failed Merger Strategy
Activist investment firm Kimmeridge issued an open letter on November 4, 2025, calling for significant changes at Coterra Energy, arguing that the 2021 merger between Cabot Oil & Gas and Cimarex Energy has failed to deliver shareholder value and left the company trading at a discount to peers. The private investment firm, which holds a "significant stake" in Coterra without disclosing exact details, urged the board to appoint an independent, non-executive chair and refocus operations on its oil-rich Delaware Basin assets. Mark Viviano, Managing Partner at Kimmeridge, stated in the letter that "Coterra's history has been tainted by a boardroom unwilling to acknowledge its own missteps."
Kimmeridge specifically called for Coterra to divest its Marcellus and Anadarko Basin assets to become a pure-play Permian producer, contending that the company's current mix of oil and gas properties has created operational inefficiency and eroded returns. The firm argued that a streamlined business focused solely on Permian assets would simplify operations and unlock a valuation re-rating. Coterra shares have declined 2.8% year-to-date compared to a 1.25% rise in the broader S&P 500 energy index, though they rose 1.7% in morning trading following the letter's release.
Coterra CEO Tom Jordan responded on a post-earnings call, stating that Kimmeridge's letter contained "some factual errors" and expressing disappointment that the firm released a public letter without prior engagement. The $17 billion merger in 2021 was characterized as a "surprise" at the time, as it combined Cabot's gas-rich Marcellus shale positions in the U.S. northeast with Cimarex's oil-heavy acres in West Texas. Coterra missed Wall Street estimates for third-quarter profit on Monday, as lower oil prices offset production increases.
Why This Matters: Organizations monitoring energy sector consolidation may observe how activist pressure following large mergers could influence future M&A strategy and asset portfolio decisions.
More info
FINANCIAL RISK
Balancer DeFi Protocol Loses $128 Million in Ongoing Access Control Exploit
Decentralized finance protocol Balancer suffered a major security breach on November 3, 2025, resulting in losses exceeding $128 million in digital assets, according to blockchain security firms PeckShield and Cyvers. The exploit was flagged by security researchers on Monday, with warnings that funds linked to the attacker's wallet were continuing to be siphoned at the time of reporting. Balancer confirmed awareness of the incident in a post on X (formerly Twitter), stating that the protocol's engineering and security teams were investigating with "high priority."
Deddy Lavid, Chief Executive of Cyvers, explained that "the ongoing drain likely stems from a compromise of access control mechanisms within the protocol, allowing the attackers to manipulate balances directly." He added that "the Balancer team is still attempting to re-establish control, which explains why the exploit continues." Prior to the breach, Balancer, a decentralized exchange built on the Ethereum blockchain, managed over $700 million in total assets according to DefiLlama data.
The incident represents one of the larger DeFi exploits in recent months, with the compromised access controls enabling attackers to directly manipulate user balances rather than exploiting smart contract vulnerabilities. The continuing nature of the drain at the time of initial reporting suggests the protocol's security response faced challenges in immediately containing the breach.
Why This Matters: The access control compromise highlights potential vulnerabilities in protocol governance mechanisms that could affect asset security across the broader DeFi ecosystem.
More info
POLITICAL RISK
Tanzania Arrests Opposition Officials, Charges Hundreds with Treason Following Disputed Elections
Tanzanian police arrested Amani Golugwa, deputy secretary general of opposition party Chadema, on November 8, 2025, as authorities intensified a crackdown following violent protests after last month's disputed elections. Police named nine additional individuals being sought in connection with the unrest, including influential preacher Josephat Gwajima, whose church was deregistered earlier this year after criticizing government rights abuses, and senior Chadema officials Brenda Rupia (communications director) and John Mnyika (secretary-general). This follows prosecutors charging 145 people with treason the previous day, with hundreds more facing similar charges according to publicly available charge sheets.
Chadema and human rights activists claim security forces killed more than 1,000 people during attempts to quell riots and opposition protests before and after the vote, though the government has dismissed these figures as exaggerated without providing its own death toll. The Catholic Church in Tanzania stated that hundreds were likely killed, while the Kenya Human Rights Commission asserted in a Friday statement that 3,000 people have been killed by Tanzania's security forces with thousands still missing. The rights group stated that pictorial evidence shows many victims "bore head and chest gunshot wounds, leaving no doubt these were targeted killings, not crowd-control actions." The organization noted that an ongoing internet blackout and bandwidth restrictions facilitate a cover-up, suggesting the actual death toll could be significantly higher.
President Samia Suluhu Hassan, who automatically assumed office as vice president in 2021 after her predecessor's death, won over 97% of the vote according to official tallies. She faced 16 candidates from smaller parties after Chadema leader Tundu Lissu and ACT-Wazalendo's Luhaga Mpina were barred from running. The African Union concluded this week that the election "did not comply with AU principles, normative frameworks, and other international obligations and standards for democratic elections," reporting ballot stuffing at several polling stations and cases of voters receiving multiple ballots. Rights groups including Amnesty International documented enforced disappearances, arbitrary arrests, and extrajudicial killings before voting, though Tanzania's government denies these allegations. The governing Chama cha Mapinduzi party, which maintains ties with the Communist Party of China, has ruled Tanzania since independence from Britain in 1961.
Why This Matters: Organizations with operations or personnel in Tanzania should consider monitoring the evolving political situation, particularly given reports of internet restrictions, ongoing security force deployments, and mass arrests.
More info