Toivo was update to version May 6, 2015. There was XSS vulnerability in genericons example.html file, which is now removed. You can read more about in WPTavern blog or Sucuri security blog.
Another update was support for toggling sub menus in Primary menu. I need to take another look into this but because of the security reason I decided to update as soon as possible.
Details in the update:
- Remove example.html file from Genericons for security (DOM-based XSS) reasons.
- Update submenus in Primary menu for enabling toggle support.
Note that also Toivo Lite, Kuorinka, and Mina Olen theme was updated because of the same security reason on May 6, 2015.