Short Takes – 2-9-26

Covert recording is easy, which is the problem. PenTestPartners.com article. Pull quote: “If you are running sensitive meetings, it is worth treating covert recording as a practical risk. Set expectations on recording, keep tighter control of visitors and unattended spaces, use suitable rooms for sensitive conversations, train staff on what to do if they suspect a device, and escalate concerns through a clear internal process. This is basic physical security hygiene, but it matters because the barrier to misuse is so low.”

Covid pandemic’s disruption of industrial activity drove surge in methane in early 2020s. ChemistryWorld.com article. Pull quote: “Methane levels in the atmosphere grew at over 16 parts per billion per year between 2020 and 2022, double the rate of increase in the years either side of the surge. Researchers previously suggested that the combination of an increase in natural methane emissions and fewer hydroxy radicals in the atmosphere drove the sharp increase,1 with each contributing equally. Methane is a potent greenhouse gas with a warming potential that is around 30 times greater than carbon dioxide over a 100 year period.”

Hacking Attack Leaves Russian Car Owners Locked Out of Their Vehicles. – Forta.com article. Summary: “Security-critical components need to be designed with the assumption that remote systems will fail at some point, whether due to accident or malicious attack. Having a graceful fallback that does not leave drivers stranded would be a good start.”

The Drone Wasn’t the Point: Escalation in the Age of Unmanned Probing. LinkedIn.com Pulse article. Pull quote: “Iran does not need to destroy a carrier to achieve its objectives. It needs to normalize close approaches, collect reaction data, stress command and control systems, increase the frequency of high-consequence decisions, and raise the probability of miscalculation over time.”

Tear gas and pepper spray can have lasting health effects. ScienceNews.org article. Pull quote: “But the long-term health risks are poorly understood. No large, systematic studies have investigated the health problems that emerge long after exposure to these chemicals, says Anthony Szema, chair of the American Thoracic Society’s Section on Terrorism and Inhalation Disasters. Some research, though, has painted a picture of enduring repercussions. For weeks and even months after the immediate moments of exposure, crowd control agents can continue to sabotage the organs that allow us to breathe, pump blood and even make life.”

Las Vegas bio lab raid possibly tied to California case, federal Chinese investigation. 8NewsNow.com article. Pull quote: “Shortly before 6 a.m., a Metro SWAT team served a search warrant at the home on Sugar Springs Drive near Washington Avenue and Hollywood Boulevard to search for a possible “biological laboratory” inside the home. A second location was also searched, but no lab was located.”

2025 Threat Report: Exploitation Grows Across IT, IoT, and OT. Forescout.com article. Pull quote:

 “242 vulnerabilities were added to CISA KEV — a 30% YoY increase YoY.

"285 vulnerabilities were added to the Vedere Labs KEV — a 213% YoY increase.

"71% of exploited vulnerabilities were not in CISA KEV, indicating attackers continue to exploit issues not prioritized by major advisories.

"One of the most exploited vulnerabilities affected Langflow, showing AI development tools are prime targets as AI adoption grows.”

Backlog List

• Airgas Hazardous Material Cargo Tank Leak,

• Global analysis identifies trends in platform chemical research,

• A path to creating polarized OLED displays,

• OT Network Security Threats: Industrial Routers Under Attack,

• China figured out how to sell EVs. Now it has to deal with their aging batteries,

• Without railway reform, your town could be the next East Palestine,

• The quest to hatch a bird-flu vaccine,

• Long-COVID research just got a big funding boost: will it find new treatments?

• MAP: Influenza hitting these states hardest as ‘super flu’ continues to spread, and

• An underwater volcano off Oregon didn’t erupt in 2025 after all. Why not?

Review – Committee Hearings – Week of 2-8-26 –

This week with both the House and Senate in Washington there is a relatively light hearing schedule. The high profile hearing this week will be the House Homeland Security oversight hearing on ICE, CBP, and USCIS. Of more interest here are two markup hearings and an oversight hearing for the remainder of DHS.

Markup Hearings

On Tuesday the Subcommittee on Commerce, Manufacturing, and Trade of the House Energy and Commerce Committee will hold a business meeting to mark up 12 bills, including HR 7390, the SAFE DRIVE Act.

On Wednesday the Senate Commerce, Science, and Transportation Committee will hold a business hearing to mark up eight bills, including S 3639, the SAT Streamlining Act, and S 1898, the ORBITS Act. This hearing was originally scheduled for February 3^rd, 2026.

Oversight Hearing

On Wednesday the Subcommittee on Homeland Security of the House Appropriations Committee will hold an oversight hearing looking at “Oversight Hearing – Potential DHS Shutdown Impacts”.

 

For more information on these hearings, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/committee-hearings-week-of-2-8-26 - subscription required.

Review – Public ICS Disclosures – Week of 1-31-26 – Part 2

For Part 2 we have four additional vendor disclosures from Sick (3) and Zyxel. There are seven vendor updates from Broadcom (3), ELECOM (2), HPE, and Moxa. Finally, we have an exploit for products from MySCADA.

Advisories

Sick Advisory #1 - Sick published an advisory that describes 15 vulnerabilities in their TDC-X401GL telematic data collector.

Sick Advisory #2 - Sick published an advisory that describes 12 vulnerabilities
(one with publicly available exploit) in their Incoming Goods Suite.

Sick Advisory #3 - Sick published an advisory that discusses an out-of-bounds read vulnerability in their nanoScan3 and microScan3 products.

Zyxel Advisory - Zyxel published an advisory that describes an OS command injection vulnerability in their ZLD firewalls.

Updates

Broadcom Update #1 - Broadcom published an update for their Brocade Fabric advisory that was originally published on January 27^th, 2026.

Broadcom Update #2 - Broadcom published an update for their Brocade Fabric OS advisory that was originally published on January 27^th, 2026.

Broadcom Update #3 - Broadcom published an update for their Brocade Fabric OS advisory that was originally published on January 27^th, 2026.

ELECOM Update #1 - JPCERT published an update for their ELECOM wireless LAN routers advisory that was originally published on August 27^th, 2024, and most recently updated on February 12^th, 2025.

ELECOM Update #2 - JPCERT published an update for their ELECOM wireless LAN routers advisory that was originally published on March 26^th, 2024, and most recently updated on November 26^th, 2024.

HPE Update - HPE published an update for their HPE ProLiant DL/ML/XD, Alletra, and Synergy Servers advisory that was originally published on December 12^th, 2025, and most recently updated on January 5^th, 2026.

Moxa Update - Moxa published an update for their Diffie-Hellman Key Exchange Protocol advisory that was originally published on June 2^nd, 2025, and most recently updated on January 5^th, 2026.

Exploits

MySCADA Exploit - Indoushka published an exploit for an OS command injection vulnerability in the MySCADA MyPRO Manager product.

Chemical Incident Reporting – Week of 1-31-26

NOTE: See here for series background.

Forest Park, GA  – 1-15-26

Local News Report: Here, here, and here.

There was a fire at a chemical manufacturing facility due to an upset condition in a reaction vessel. There was a brief evacuation order for the facility and shelter-in-place for the surrounding neighborhood. No injuries reported, no discussion about damages.

Not CSB reportable.

Skaneateles, NY– 1-21-26

Local News Report: Here, here, here, and here.

There was a minor chlorine leak at a water treatment plant in a pipe. The facility was evacuated pending closure of the valve leading to the area of the leak. No injuries were reported.

Not CSB reportable.

Washington County, PA – 1-30-26

Local News Report: Here, here, here, and here.

There was an explosion at a metal treating facility during chemical unloading operations. Five people were sent to the hospital; all have been released. There have been no discussions of damages at the facility. The last article reported that “magnesium-chloride” was unloaded into a tank containing hydrogen peroxide.

Probably not CSB reportable.

Russellville, AR – 2-4-26

Local News Report: Here, here, here, and here.

There was a truck rollover incident involving a tanker carrying ‘ammonia hydroxide’. Photo here. There was no chemical leak from the truck, but local businesses were evacuated as a precaution. Interestingly, the local fire departments Facebook site reports that the incident involved ‘anhydrous ammonia’ not ammonium hydroxide.

Not CSB reportable, this was a transportation related accident.

Short Takes – 2-7-26 – Federal Register Edition

Requests for Comments; Clearance of a Renewed Approval of Information Collection: Small Unmanned Aircraft Registration System; Correction. Federal Register FAA ICR correction notice. Summary: “On January 29, 2026, FAA published a notice and request for comments titled “Agency Information Collection Activities: Requests for Comments; Clearance of a Renewed Approval of Information Collection: Small Unmanned Aircraft Registration System”. That notice and request for comments incorrectly stated the docket number. This notice corrects the docket number.”

NHTSA Automated Vehicle Safety Public Meeting: March 2026. Federal Register NHTSA meeting notice. Summary: “The National Highway Traffic Safety Administration (NHTSA) will hold a public meeting on March 10, 2026. The event will provide updates and insights into ongoing vehicle automation activities across NHTSA. The meeting will be held in-person and will feature keynote addresses from the DOT leadership and industry executive panel discussions on key Automated Driving Systems (ADS) topics in the morning. The second portion of the meeting will build upon the ADS workshop held November 20, 2025. NHTSA gleaned valuable information from stakeholders on various topics. In this subsequent meeting, NHTSA intends to gather specific input on potential actions, including potential future guidance to the safe domestic development, testing and deployment of ADS equipped vehicles. NHTSA intends to utilize stakeholder input to better inform the agency's upcoming activities. The event will not be live streamed.”

Regulatory Issue Summary: Personnel Access Authorization Requirements for Non-Immigrant Foreign Nationals Working at Nuclear Power Plants. Federal Register NRC guidance notice. Summary: “The U.S. Nuclear Regulatory Commission (NRC) is issuing Regulatory Issue Summary (RIS) 2026-01, “Personnel Access Authorization Requirements For Non-Immigrant Foreign Nationals Working At Nuclear Power Plants,” to remind licensees of the NRC requirement that prior to granting or reinstating unescorted access (UA) or certifying unescorted access authorization (UAA) to non-immigrant foreign nationals for the purpose of performing work, licensees shall validate that the foreign national's claimed non immigration status is correct.”

Pipeline Safety: Request for Special Permit. Federal Register PHMSA special permit request. Summary: “The REX Pipeline was constructed under waiver Docket No. PHMSA-2006-23998 as an AMAOP pipeline before the AMAOP regulations under § 192.620 were promulgated. Another special permit under Docket No. PHMSA PHMSA-2022-0044 was later issued to allow for a waiver of class location change requirements under 49 CFR 192.611 for segments originally operated under the 2006 waiver; 49 CFR 192.620(c)(8) allows a Class 1 and Class 2 location to be upgraded one class due to class location changes. This special permit is proposed to supersede and replace both previous special permits to create a unified and consistent approach to pipeline safety, operations, and compliance by aligning the regulatory framework applicable to the REX Pipeline with existing Federal regulations.”

Review – Public ICS Disclosures – Week of 1-31-26 – Part 1

This week we have a moderately busy disclosure week. For Part 1 there nine are vendor disclosures from Cisco, Delta Electronics, Eaton, ELECOM (2), HP, Moxa (2), and Pilz.

Advisories

Cisco Advisory - Cisco published an advisory that describes a use of hard-coded credentials vulnerability in their Prime Infrastructure product.

Delta Advisory - Delta published an advisory that describes a stack-based buffer overflow vulnerability in their ASDA-Soft product.

Eaton Advisory - Eaton published an advisory that describes two improper certificate validation vulnerabilities in their Network Cards products.

ELECOM Advisory #1 - JPCERT published an advisory that describes five vulnerabilities in multiple ELECOM wireless LAN routers.

ELECOM Advisory #2 - JPCERT published an advisory that describes four vulnerabilities in multiple ELECOM wireless LAN products.

HP Advisory - HP published an advisory that discusses 287 vulnerabilities in their ThinPro products.

Moxa Advisory #1 - Moxa published an advisory that describes two vulnerabilities in the industrial computers.

Moxa Advisory #2 - Moxa published an advisory that describes a reliance on security through obscurity vulnerability in their Ethernet Switches.

Pilz Advisory - CERT-VDE published an advisory that discusses four vulnerabilities in the Pilz PIT User Authentication Service.

 

For more information on these disclosures, including links to 3^rd party advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-1-844 - subscription required.

Review – Bills Introduced – 2-5-26

Yesterday with just the Senate in Washington, and the House meeting in pro forma session, there were 55 bills introduced. One of those bills will receive additional coverage in this blog:

HR 7390 SELF DRIVE Act of 2026 Latta, Robert E. [Rep.-R-OH-5]

 

For more information on these bills, including legislative history for similar bills in the 118^th Congress, as well as a mention-in-passing of a bill requiring a study of power transmission lines on highway and rail rights of way, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/bills-introduced-2-5-26 - subscription required.