CSB Announces Investigation of Nitro WV Incident

 Yesterday, the Chemical Safety Board announced that it was opening an investigation into the fatal chemical release on April 22 at the Catalyst Refiners, Inc. facility in Nitro, West Virginia that resulted in the death of two workers and injured several others. News reports indicate that the affected unit was in a shutdown process when a chemical reaction caused the release of hydrogen sulfide gas. Two facility employees died and 19 people, including first responders, were transported to local hospitals for chemical exposure issues. 

The incident has not yet been added to the CSB’s Current Investigations page. That probably will not happen for a week or so. 

Review – Bills Introduced – 4-22-26

Yesterday, with both the House and Senate in session, there were 54 bills introduced. One of those bills will receive additional coverage in this blog: 

• S 4380 A bill to grant authority to use counter-unmanned aircraft system technologies to private owners of critical infrastructure facilities, and for other purposes. Cotton, Tom [Sen.-R-AR] 

Space Geek Legislation  

I would like to mention one bill under my limited Space Geek coverage in this blog: 

• HR 8458 To amend title 51, United States Code, to authorize certain actions to protect certain facilities and assets from unmanned aircraft, and for other purposes. Soto, Darren [Rep.-D-FL-9] 

For more information on these bills, including legislative history for similar bills in the 118th Congress, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/bills-introduced-4-22-26 - subscription required. 

Review – 6 Advisories and 1 Update Published – 4-23-26

 Today CISA’s NCCIC-ICS published six control system security advisories for products from Intrado, Hangzhou Xiongmai Technology Co, SpiceJet, Milesight, Carlson Software, and YADEA. There is also an update for an advisory for products from Schneider Electric. I also take a down-the-rabbit-hole look at a second Hangzhou vulnerability. 

Advisories  

Intrado Advisory - This advisory describes a path traversal vulnerability in the Intrado 911 Emergency Gateway. 

Hangzhou Advisory - This advisory describes a missing authentication for critical function vulnerability in the Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera. 

SpiceJet Advisory - This advisory describes two vulnerabilities in the SpiceJet Online Booking System. 

Milesight Advisory - This advisory describes five vulnerabilities in multiple Milesight Cameras. 

Carlson Advisory - This advisory describes a missing authentication for critical function vulnerability in the Carlson Software VASCO-B GNSS Receiver. 

Yadea Advisory - This advisory describes a weak authentication vulnerability in the Yadea T5 Electric Bicycle. 

Updates  

Schneider Update - This update provides additional information on the Modicon Controllers advisory that was originally published on April 23rd, 2026. 

For more information on these advisories, including a down-the-rabbit-hole look at an additional Hangzhou vulnerability, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/6-advisories-and-1-update-published-6ff - subscription required. 

Review - TSA Publishes Initial Insider Threat Reporting 60-day ICR Notice

Today, the Transportation Security Administration (TSA) published a 60-day information collection request (ICR) in the Federal Register (91 FR 21831-21832) on “Insider Threat Incident Reporting Tool”. The Reporting Tool will support the TSA Insider Threat Program. TSA is proposing an online tool to collect this information. 

The table below provides the initial burden estimate for this ICR. 

Public Comments 

The TSA is soliciting public comments on this ICR. Comments may be submitted by email to TSAPRA@tsa.dhs.gov. Comments should be submitted by June 22nd, 2026. 

For more information on this ICR, see my artilce at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/tsa-publishes-initial-insider-threat - subscription required. 

House NASA Budget Request Hearing – 4-22-26

 Yesterday, the House Science, Space, and Technology Committee added a hearing to be held today on “A Review of the President’s Budget Request for the National Aeronautics and Space Administration for Fiscal Year 2027”. The sole witness was NASA Administrator Isaacman (statement here). 

It is interesting to note that the opening statements from both Chair Babin and Ranking Member Lofgren expressed concerns about cuts proposed in the President’s FY 2027 budget request. A video of the hearing is available here. 

Short Takes – 4-22-26 - Federal Register Edition

 Hazardous Materials: Notice of Public Meetings in 2026 for International Standards on the Transport of Dangerous Goods. Federal Register PHMSA meeting notice. Summary: “This notice announces that the Pipeline and Hazardous Materials Safety Administration (PHMSA) Office of Hazardous Materials Safety (OHMS) will host three public meetings during 2026 in advance of certain international meetings. The first meeting will be held in preparation for the 68th session of the United Nations Sub-Committee of Experts on the Transport of Dangerous Goods (UNSCOE TDG) scheduled for June 29 to July 8, 2026, in Geneva, Switzerland. The second meeting will be held in preparation for the International Civil Aviation Organization's (ICAO) Dangerous Goods Panel (DGP) Working Group 26 (WG/26) tentatively scheduled for October 2026 in Montreal, Canada. The third meeting will be held in preparation for the 69th session of the UNSCOE TDG scheduled for November 23 to December 1, 2026, in Geneva, Switzerland. For each of these meetings, PHMSA will solicit public input on current proposals.” 

Notice of Availability of the Draft Section 9.0 Security Program for Hydropower Guidance and Request for Comments. Federal Register FERC notice of availability. Summary: “The staff of the Office of Energy Projects (OEP) has revised Section 9.0 of its Security Program for Hydropower Guidance (Guidance) to modernize the Commission's existing guidance for cybersecurity practices at licensed projects. The Section 9.0 revisions reflect technological advancements and lessons learned through recent inspections and audits. The revised Section 9.0 Guidance updates definitions, applicability criteria, and the technical measures used to evaluate and protect cyber and control-system assets. The staff is asking for public input and suggestions for modifications to the Section 9.0 revisions of the Guidance from hydropower owners and operators, federal and state agencies, and other interested parties with expertise in the implementation of cybersecurity practices. The more specific your comments, the more useful they will be. Please note that this comment period will close on Monday, May 18, 2026, 5:00 p.m. Eastern Time.” 

National Emission Standards for Hazardous Air Pollutants: Crude Oil and Natural Gas Production Facilities and Natural Gas Transmission and Storage Facilities; Technology Review and Reconsideration. Federal Register EPA notice of proposed rulemaking. Summary: “The U.S. Environmental Protection Agency (EPA) is proposing an action related to the National Emission Standards for Hazardous Air Pollutants (NESHAP) from Crude Oil and Natural Gas Production Facilities and from Natural Gas Transmission and Storage Facilities (Oil and Gas NESHAP) in connection with a technology review pursuant to Clean Air Act (CAA) section 112. Based on the EPA's review the Agency is not proposing any revision to the current standards in the NESHAP. With respect to unregulated pollutants, the EPA is proposing standards for methanol from regulated emission points at crude oil and natural gas production facilities that will result in no additional control requirements. The EPA is further proposing two alternative approaches to emission points not currently regulated in these NESHAP. Under the first approach, we are proposing that the Agency does not have an obligation to regulate previously unregulated emission points when conducting a CAA section 112(d)(6) review and to defer action on that basis. Under the second approach, we are proposing new control standards for previously unregulated emission points, which include: acid gas removal units, transport vessel loading operations, and storage vessels without flash emissions at crude oil and natural gas production facilities, as well as storage vessels, transport vessel loading and natural gas-driven process controllers and pumps at natural gas transmission and storage facilities.” 

Space Geek Entries 

Flight Analog Projects (FAP) Crew Selection Questionnaire. Federal Register NASA 30-day ICR renewal notice. 

Space Launch and Reentry Licensing and Permitting User Fees. Federal Register FAA policy statement. 

Executive Orders  

EO 14401 – Accelerating Medical Treatments for Serious Mental Illness. Federal Register.