Welcome reader to your CybersecurityHQ report

Headlines

The European Union’s Artificial Intelligence Act has gone into effect, standing as the first of its kind in the world. The law regulates any product or service that uses AI in the 27-nation bloc. Products will be placed into one of four risk categories. The lower the perceived risk, the less stringent the rules. Many parts of the law will not go into effect for months and even years, as the regulations are phased in from now to mid-2026.

The most popular forms of generative AI, including ChatGPT, will not be regulated until August 2025. At that point, companies that fail to comply could have up to 7% of their annual global revenue fined. Many of the rules prioritize transparency. For instance, chatbots need to inform human users that they are AI. Similarly, deepfakes will need to be labelled as such.

CrowdStrike is fighting back against Delta’s public claims of coming legal action. The airline alleges that the IT outage caused by the cybersecurity company’s Windows update made them liable, but CrowdStrike is now saying it has minimal liability. Delta estimates that the outage cost them $500 million—a stunning number if true.

Delta’s claim that the outage came from CrowdStrike’s gross negligence or misconduct could serve as the basis for legal action. A spokesperson for CrowdStrike, however, cautions, "public posturing about potentially bringing a meritless lawsuit against CrowdStrike as a long-time partner is not constructive to any party. We hope that Delta will agree to work cooperatively to find a resolution."

The background check company Jericho Pictures Inc., doing business as National Public Data, exposed the personal information of almost 3 billion people in April, according to a proposed class action. On April 8, threat actors under the name UDoD posted a database containing 2.9 billion records with the name “National Public Data.” They sought $3.5 million for it on a dark web forum.

The exposed information includes Social Security numbers, current and past addresses, names, relatives, and more. If the breach is confirmed, it would be among the very biggest in history.

Interesting Read

Wiz was set up to become the biggest acquisition Google ever made, coming in at a whopping $23 billion for the cybersecurity company. But, in the final hour, Wiz decided to walk away. Writing to his employees, CEO Assaf Rappaport said that “we are flattered” by the offer, but they were going to refuse it.

Learn more about the deal and the company confident enough to leave so much money on the table with this explainer by TechCrunch.

Twitter Highlights

Employment Tip: Improve Ethical Hacking Skills

Ethical hacking is a fun and potentially lucrative way to improve your skills as a cybersecurity professional. Gamified options like Hack the Box or TryHackMe give you high-feedback environments to build skills, and many corporations offer big-ticket rewards if you can ethically hack for them.

For the latest openings in cybersecurity careers, check CybersecurityHQ.

Stay Safe, Stay Secure.

The CybersecurityHQ Team