Hello. MGM Resorts International sued the Federal Trade Commission on Monday, seeking to stop an investigative demand in the agency's probe of a September ransomware strike against the hotel and casino operator.

MGM Resorts made several protests in its lawsuit, including that the FTC violated its Fifth Amendment rights to due process. The company also wants FTC Chair Lina Khan to be removed from the case, saying she could very well be called as a witness in any of the 15 class-action suits against MGM Resorts over the incident. Khan happened to be checking in as a hotel guest during the attack. Read our full story.

Newsletter Extra: Guidance for secure AI use 

More news:

• Lawmakers press UnitedHealth for hack and recovery details as the company swung to a loss in the first quarter
• Bankruptcy advisers explore AI security concerns
• Cyber strikes are an option for Israel's response to Iran's attack
• Hearing on ransomware in the financial sector
• Cisco warns of stolen customer logs

• UnitedHealth Group swung to a loss in the first quarter after being the target of a cyberattack that will also hit its full-year results, as it suspended some of its care-management activities. The healthcare and insurance company on Tuesday posted a net loss of $1.22 billion, or $1.53 a share, compared with a profit of $5.77 billion, or $5.95 a share, for the same period a year earlier. (WSJ)

• A bipartisan group of House lawmakers wants answers from UnitedHealth Chief Executive Andrew Witty about what the company has done to fix security holes since the Feb. 21 attack and details about personal and health data that might have been stolen, among other topics. The group, in a letter released Monday, gave Witty a deadline of April 29 to respond to 25 detailed questions. 

NEWSLETTER EXTRA: Deploying AI securely requires the right funding, technical expertise and infrastructure, according to top cyber agencies in the U.S., Australia, Canada, New Zealand and the U.K., which issued guidance Monday on handling AI. The full publication is worth a read but here are some key pieces of advice from the agencies:  

• Promote a culture where the data science, infrastructure and cyber teams, in particular, feel comfortable speaking up about concerns.
• Require the primary developer of the AI system to provide a threat model for it as well, to identify risks and associated mitigation steps.
• To guard against data poisoning, know the data sets that train the AI model. If the model comes from a third party, ask to examine the list of data sources used. 
• Secure sensitive information, such as AI outputs and logs, by encrypting the data at rest, and store encryption keys in a hardware security module for later on-demand decryption.
• Use AI-specific scanners to detect potentially malicious code before deploying. 

—Kim S. Nash

Cisco's Duo unit said hackers have stolen the voice-over-IP and SMS logs of customers, data that could be used to thwart multi-factor authentication systems. (Bleeping Computer)

Toll-booth scam: Fraudsters are sending texts about unpaid tolls to try to trick recipients into revealing personal and financial data, the FBI warned. The scam has been spotted in at least three states, though the warning didn't name them. (InfoSecurity Magazine)

Evolution Equity Partners has wrapped up fundraising with $1.1 billion collected for a fund to back cybersecurity companies through growth investments. 

• The firm plans to write checks ranging from $20 million to $150 million to back roughly 30 growth-stage cybersecurity companies, including ones with AI technologies. 
• So far, Evolution has invested in 20 cyber businesses out of the new pool, including Protect AI, and Arctic Wolf. (WSJ Pro Private Equity)

The WSJ Pro Cybersecurity team is Deputy Editor Kim S. Nash (on X @knash99), reporter James Rundle and reporter Catherine Stupp (@catstupp). Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.