Pete Recommends – Weekly highlights on cyber security issues, November 8, 2025

Subject: Google flags new wave of online scams fueled by AI fakes and holiday hustles
Source: Android Central
https://www.androidcentral.com/apps-software/google-flags-new-wave-of-online-scams-fueled-by-ai-fakes-and-holiday-hustles

  • Google’s latest advisory warns that fraudsters are using generative tools to make fake job posts, apps, and sites look frighteningly real.
  • Scammers clone company pages and create fake recruiter profiles to steal personal info or charge bogus “fees.”
  • Attackers spam fake one-star reviews, then demand money to make them disappear. Google now lets merchants report these directly.

Other warnings include malicious VPN apps disguised as privacy tools but actually loaded with malware, fraud recovery scams targeting people who’ve already been scammed, and holiday shopping scams that ramp up during Black Friday and Cyber Monday with fake storefronts and “too-good-to-be-true” deals.

Subject: DHS admits error in text message retention
Source: The Hill
https://thehill.com/homenews/administration/5593310-homeland-security-text-message-retention-lawsuit/

The DHS initially told the group that “text message data generated after April 9, 2025, is no longer maintained” and that the agency “no longer has the capability to conduct a search of text messages.”
But a sworn declaration made by DHS’s chief data officer said the initial statement wasn’t true.

DHS, the official said, has stopped using a program that automatically preserved text messages, and employees instead must now “manually archive their messages.”
“Although the TeleMessage software reduced the burden on these officials to manually archive messages, and made it easier for the Department to respond to FOIA and discovery requests for these messages, DHS disabled TeleMessage in April 2025 due to cybersecurity failures,” the official wrote.

Scammers are getting smarter, and Google’s new report shows how they’re doing it.

Subject: Washington Post says it is among victims of cyber breach tied to Oracle software
Source: Reuters
https://www.reuters.com/business/media-telecom/washington-post-says-it-is-among-victims-cyber-breach-tied-oracle-software-2025-11-06/

[h/t Sabrina] WASHINGTON, Nov 6 (Reuters) – The Washington Post said it is among victims of a sweeping cyber breach tied to Oracle software. In a statement released on Thursday, the newspaper said it was one of those impacted “by the breach of the Oracle E-Business Suite platform.”The paper did not provide further detail, but its statement comes after CL0P, the notorious ransomware group, said on its website that the Washington Post was among its victims. CL0P and Oracle did not immediately return messages seeking comment.


Google said last month that there were likely to be more than 100 companies affected by the intrusions.

Subject: Congressional Budget Office had a cyber ‘security incident’
Source: Washington Post via Politico – Congressional Budget Office believed to be hacked by foreign actor
https://www.washingtonpost.com/business/2025/11/06/cbo-hack-congress-foreign/ and https://www.politico.com/live-updates/2025/11/06/congress/congressional-budget-office-hacked-00640964

The Congressional Budget Office was hacked by a suspected foreign actor and said it took “immediate action to contain” the breach while it investigates the “security incident.” Officials are reviewing whether internal emails and communications with congressional offices were accessed. The CBO produces the budget analyses and debt projections that lawmakers use to write and score legislation. The Senate Rules Committee was briefed on the intrusion, and neither the FBI nor the Cybersecurity and Infrastructure Security Agency confirmed whether they are involved.

Subject: Washington Post says it is among victims of cyber breach tied to Oracle software
Source: Reuters
https://www.reuters.com/business/media-telecom/washington-post-says-it-is-among-victims-cyber-breach-tied-oracle-software-2025-11-06/

The Washington Post said it is among victims of a sweeping cyber breach tied to Oracle. In a statement released on Thursday, the newspaper said it was one of those impacted “by the breach of the Oracle E-Business Suite platform.The paper did not provide further detail, but its statement comes after CL0P, the notorious ransomware group, said on its website that the Washington Post was among its victims. CL0P did not return messages seeking comment. Oracle pointed Reuters to a pair of security.
Subject: University of Pennsylvania confirms hacker stole data during cyberattack
Source: TechCrunch

“On October 31, Penn discovered that a select group of information systems related to Penn’s development and alumni activities had been compromised,” the university wrote in a statement, which was emailed to alumni and shared online. “Penn’s staff rapidly locked down the systems and prevented further unauthorized access; however, not before an offensive and fraudulent email was sent to our community and information was taken by the attacker.”

(Disclosure: As an alumna and former employee of the university, the hackers sent the message to my personal email three times, each coming from different official @upenn.edu email addresses, including one from a senior Penn staff member.)

Subject: Google says Search AI Mode will know everything about you
Source: Bleeping Computer
https://www.bleepingcomputer.com/news/google/google-says-search-ai-mode-will-know-everything-about-you/

Google wants ‘AI mode’ on Search to be as personal as possible, and it’ll soon tap into services like Gmail or Drive to know more about you.

Google believes the future of search is going to be more personal than ever, largely due to the increase in large language models usage.

As spotted by Gagan Ghotra on X, in a recent podcast with Silicon Valley Girl, Google’s Robby Stein suggested that the company is exploring ways to let AI Mode access Gmail or Google Drive.

“We announced at I/O an opportunity for users in the future to be able to opt into an experience with enhanced personalization,” he said.

“We want people to be able to help Google and help the services know more about you so that it can be more helpful.”

That means in the future, AI Mode will pull details from your emails, documents, and other Google apps to give truly customized responses.

For example, it could summarize flight information from Gmail, create a schedule using Calendar, or pull trip ideas from Maps and Drive files.

Subject: Enterprises are not prepared for a world of malicious AI agents
Source: ZDNET
https://www.zdnet.com/article/enterprises-are-not-prepared-for-a-world-of-malicious-ai-agents/

The current model of managing corporate identities is unprepared for a wave of AI agents gaining access to privileged resources.
As enterprises begin implementing artificial intelligence agents, senior executives are on alert about the technology’s risks but also unprepared, according to Nikesh Arora, chief executive of cybersecurity giant Palo Alto Networks.As enterprises begin implementing artificial intelligence agents, senior executives are on alert about the technology’s risks but also unprepared, according to Nikesh Arora, chief executive of cybersecurity giant Palo Alto Networks.”There is beginning to be a realization that as we start to deploy AI, we’re going to need security,” said Arora to a media briefing in which I participated.”And I think the most amount of consternation is around the agent part,” he said, “because customers are concerned that if they don’t have visibility to the agents, if they don’t understand what credentials agents have, it’s going to be the Wild West in their enterprise platforms.”
LinkedIn
Posted in: AI, Cybercrime, Cybersecurity, E-Commerce, Email, Email Security, Privacy, Search Engines, Technology Trends