Search

Saffron Pastries Recalls Various Products Due to Potential Rodent Contamination

Saffron Pastries is recalling various Saffron Pastries brand products because of potential rodent contamination identified by the Food Standards Agency. Point of sale notices will be displayed in retail stores, and customers are advised not to eat the products and to return them to the place of purchase for a full refund. This Update 1 corrects the best before dates of five products previously listed in the original alert.

American Manufacturing Surges to Four-Year High as Factory Activity Expands

The White House announced on April 22, 2026, that the Institute for Supply Management's key manufacturing index registered its third consecutive month of expansion at its highest reading since 2022. Major companies announced significant U.S. manufacturing investments including U.S. Steel restarting its Gary Tin Mill in Indiana (225 jobs), Apple committing $600 billion over four years, Nvidia pledging $500 billion for AI chip production, and Johnson & Johnson investing $55 billion in new U.S. manufacturing. Foreign pharmaceutical companies AstraZeneca ($50 billion), Bristol Myers Squibb ($40 billion), and GSK ($30 billion) also announced major U.S. manufacturing expansions.

Siemens RUGGEDCOM CROSSBOW Privilege Escalation Vulnerability, CVSS 8.8, Update V5.8

CISA republished Siemens ProductCERT advisory SSA-741509 disclosing CVE-2026-27668, a high-severity privilege escalation vulnerability in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) with a CVSS v3 score of 8.8. All versions prior to version 5.8 are affected. Siemens has released version 5.8 as the remediation and recommends immediate update. Organizations operating affected equipment in critical manufacturing and industrial control environments should apply the update and review CISA's recommended defensive measures.

SenseLive X3050 10 Critical Vulnerabilities CVSS 9.8

CISA ICS-CERT has disclosed 10 vulnerabilities in SenseLive X3050 industrial IoT gateway firmware V1.523, including a critical authentication bypass (CVSS 9.8) that could allow remote attackers complete device control. Affected sectors include Critical Manufacturing, Water and Wastewater, Energy, and Information Technology. SenseLive did not respond to CISA's coordination requests, leaving users without vendor-supported patches. The advisory recommends isolating affected devices and contacting the vendor directly for mitigations.

Silex Technology SD-330AC and AMC Manager 12 Critical Vulnerabilities

CISA published an advisory detailing 12 critical and high-severity vulnerabilities affecting Silex Technology SD-330AC firmware versions up to 1.42 and AMC Manager versions up to 5.0.2, with CVSS scores ranging from 8.8 to 9.8. The most severe vulnerability is a Heap-based Buffer Overflow (CVSS 9.8 CRITICAL) that could allow arbitrary code execution without authentication. Silex Technology has released fixed versions: SD-330AC firmware Ver 1.50 or later and AMC Manager Ver.5.1.0 or later. As a mitigation for select vulnerabilities, organizations can disable HTTP/HTTPS service. The affected products are deployed in Information Technology sector across critical infrastructure worldwide.

Improper Certificate Validation Flaw Affects Multiple Siemens Apps

CISA republished Siemens ProductCERT advisory SSA-981622 describing an improper certificate validation vulnerability (CVE-2025-40745, CVSS 3.7) affecting Siemens Analytics Toolkit and related applications including Simcenter 3D, Simcenter Femap, Simcenter STAR-CCM+, Solid Edge SE2025, Solid Edge SE2026, Tecnomatix Plant Simulation, and Siemens Software Center. The flaw could allow an unauthenticated remote attacker to perform man-in-the-middle attacks. Siemens has released patched versions and recommends updating to the latest releases. The vulnerability impacts critical manufacturing sector entities worldwide.

Siemens RUGGEDCOM CROSSBOW SAC SQLite Vulnerability CVE-2025-6965

CISA republished Siemens ProductCERT advisory SSA-225816 describing a Numeric Truncation Error vulnerability (CVE-2025-6965) in SQLite versions before 3.50.2 affecting Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC) versions prior to V5.8. The vulnerability carries a CVSS v3 base score of 7.7 (HIGH) and could allow an attacker to achieve arbitrary code execution and create a denial of service condition through a memory corruption issue. Siemens recommends updating to V5.8 or later. The advisory applies to the Critical Manufacturing sector with worldwide deployment.

FRA CRISI Program FY 2025-2026 NOFO for $2.04B Rail Infrastructure Funding

The Federal Railroad Administration (FRA) has published a Notice of Funding Opportunity (NOFO) for the Consolidated Rail Infrastructure and Safety Improvements (CRISI) program for Fiscal Years 2025 and 2026. The NOFO makes available up to $2,039,246,480 in grant funding for eligible rail infrastructure and safety projects. Applications must be submitted through Grants.gov by the stated deadline.

SB121 Signed: Transfer and Appropriation for Richmond Lake Dam Replacement, Emergency Declared

South Dakota Governor signed SB121 on March 30, 2026, enacting legislation to transfer and appropriate moneys for the replacement of the Richmond Lake dam and spillway. The bill carries an emergency clause, indicating immediate implementation. Sponsors include Representatives Al Novstrup and Carl Perry, and Senator Ernie Otten. The Senate passed the final Conference Committee Report 28-2 and the House passed 61-3.

Presidential Determination on Grid Infrastructure Under Defense Production Act

The President has issued a determination under Section 303 of the Defense Production Act finding that grid infrastructure—including transformers, transmission lines, substations, high-voltage circuit breakers, power electronics, protective relay systems, capacitor banks, electrical core steel, and related manufacturing equipment—is essential to national defense. The determination finds that domestic industry cannot timely provide these capabilities due to limited domestic production capacity, extended procurement timelines, foreign supply dependence, and insufficient capital investment. Pursuant to section 303(a)(7), the President waived standard DPA requirements to expedite expanding domestic manufacturing capacity for these critical components and directed the Secretary of Energy to implement the determination.

Notice of Funding Opportunity for the Fiscal Years 2025-2026 Federal-State Partnership for Intercity Passenger Rail Program for Projects Located on the Northeast Corridor

The Federal Railroad Administration has published a Notice of Funding Opportunity (NOFO) for the FY2025-2026 Federal-State Partnership for Intercity Passenger Rail Program for Northeast Corridor projects. Up to $4,750,212,830 in grant funding is available for eligible projects. Applications must be submitted through Grants.gov by May 5, 2026.

Takes of Marine Mammals Incidental to Francis Scott Key Bridge Rebuild, Baltimore MD

NMFS has received a request from the Federal Highway Administration for two consecutive incidental harassment authorizations to take marine mammals incidental to the Francis Scott Key Bridge Rebuild project in Baltimore, MD. The proposal would authorize Level B harassment take of Tamanend's bottlenose dolphins during pile driving activities. NMFS is requesting public comments on the proposed IHAs and possible 1-year renewals.

Siemens Industrial Edge Management Authorization Bypass Vulnerability, CVSS 7.1

CISA republished an advisory from Siemens ProductCERT describing an authentication bypass vulnerability (CVE-2026-33892, CVSS 7.1 HIGH) in Siemens Industrial Edge Management affecting Pro V1 (versions below V1.15.17), Pro V2 (versions below V2.1.1), and Virtual (versions below V2.8.0). An unauthenticated remote attacker can circumvent authentication on the remote connection feature and tunnel to connected Industrial Edge Devices, provided the remote connection feature is enabled and the attacker has identified the relevant header and port. Siemens has released patched versions; CISA recommends network access restrictions and applying vendor updates.

Hardy Barth Salia EV Charge Controller Vulnerabilities, CVSS 6.3 and 7.3

CISA ICS-CERT published advisory ICSA-26-111-05 disclosing two vulnerabilities in Hardy Barth Salia EV Charge Controller firmware versions <=2.3.81. CVE-2025-5873 (CVSS 6.3, MEDIUM) affects the /firmware.php file in the Web UI component via an unrestricted file upload vulnerability, while CVE-2025-10371 (CVSS 7.3, HIGH) affects the /api.php file via an unrestricted upload through the setrfidlist argument. Both vulnerabilities could allow remote code execution. The vendor did not respond to CISA's coordination requests, and no patches are currently available. The affected device is deployed across Energy and Transportation Systems critical infrastructure sectors worldwide.

Zero Motorcycles Firmware Bluetooth Pairing Vulnerability ICSA-26-111-06

CISA ICS-CERT published advisory ICSA-26-111-06 disclosing a Bluetooth pairing vulnerability (CVE-2026-1354) in Zero Motorcycles Firmware versions 44 and prior. The vulnerability, rated CVSS 6.4 (MEDIUM), enables an attacker in proximity to forcibly pair a device with the motorcycle via Bluetooth and potentially upload malicious firmware through the over-the-air update functionality. Zero Motorcycles plans to release a firmware update in May 2026 to address this issue. Organizations using affected Zero Motorcycles products should implement recommended mitigation measures pending the vendor update.

Siemens SINEC NMS Authorization Bypass Vulnerability, CVSS 8.8

CISA has republished Siemens ProductCERT advisory SSA-605717 disclosing an authorization bypass vulnerability (CVE-2026-25654) in SINEC NMS before V4.0 SP3. The flaw allows an authenticated remote attacker to bypass authorization checks and reset the password of any arbitrary user account. Affected users should update to V4.0 SP3 or later and limit network access to trusted users and systems only.

Ferrovial BAM Rail ISA Service Tender, £150k-£250k

UK Government Contracts Finder has published an open tender opportunity for an Independent Safety Assessor (ISA) for Ferrovial BAM Rail JV's track system packages. The contract value is estimated at £150,000 to £250,000 with a closing date of 1 May 2026. The ISA must be appointed in accordance with EN 50126, 50128, and 50129 standards, and for subsystems requiring CCS NTSN compliance, the ISA must also be an accredited Assessment Body in the United Kingdom.

Three Arrested for Allegedly Running St. Thomas Strip Club as Prostitution Ring and Harboring Illegal Aliens

U.S. law enforcement arrested three individuals in St. Thomas, USVI, for allegedly operating Tootsys Gentleman's Club as a prostitution ring while harboring illegal aliens. Hussein Jamil, Magda Castro Santos, and Julio Hidalgo De Pena were charged via criminal complaint with conspiracy to transport for purpose of prostitution, conspiracy to commit interstate and foreign travel or transportation in aid of racketeering enterprises, and conspiracy to harbor aliens for financial gain. If convicted, each defendant faces up to 5 years in prison for the first two charges and up to 10 years for harboring aliens. The arrests were part of the Homeland Security Task Force initiative established by Executive Order 14159.

House Rules Committee Schedules Hearing on Energy, Infrastructure Bills

The House Rules Committee has scheduled a legislative hearing for April 20, 2026 at 4:00 PM local time in Room H-313 of the Capitol in Washington, D.C. The hearing will consider four measures: H.R. 4690 (Reliable Federal Infrastructure Act), H.R. 5587 (Harnessing Energy At Thermal Sources Act of 2026), H.R. 1897 (ESA Amendments Act of 2025), and H. Res. 1182 (support for rural communities). Documents and committee amendments, including an amendment from Rep. McGovern, have been added to the hearing record.

Risk Parameters Change for 5 Securities, 35% to 77%

MOEX is changing the downward IR risk parameter (SEC Δ_1 Y0/Y1) for five securities — ASTR, POSI, OZPH, YDEX, and HNFG — from 35% to 77%. The new parameter values take effect on staggered dates between April 23 and April 28, 2026, with effective windows ranging from one to four business days per security. This represents a significant increase in the risk weight applied to these securities.

Idaho DEQ Awards $89,505 to Bloomington and Roberts for Wastewater Planning

The Idaho Department of Environmental Quality awarded $89,505 in total to two water systems for wastewater facility planning. The City of Bloomington in Bear Lake County received $40,000 toward an $80,000 project, while the City of Roberts in Jefferson County received $49,505 toward a $99,010 project. DEQ's Planning Grant Program covers up to 50% of eligible planning costs for wastewater and drinking water systems seeking to achieve compliance with state and federal standards.

AVEVA Pipeline Simulation Missing Authorization Vulnerability ICSA-26-106-04

CISA ICS-CERT published an advisory (ICSA-26-106-04) disclosing a critical missing authorization vulnerability (CVE-2026-5387) in AVEVA Pipeline Simulation software affecting versions <=2025_SP1_build_7.1.9497.6351. Successful exploitation allows an unauthenticated attacker to perform operations intended for Simulator Instructor or Simulator Developer (Administrator) roles, enabling modification of simulation parameters, training configuration, and training records. The vulnerability has a CVSS v3 score of 9.1 (CRITICAL). CISA recommends upgrading to version 2025 SP1 P01 (build 7.1.9580.8513) or higher, restricting network access, and enabling TLS for API communications.

I-80 Westbound Lane Closure, Jefferson County, April 27th

PennDOT and Bridging Pennsylvania Constructors will close the right lane of I-80 westbound, just east of Richardville Road in Jefferson County, beginning at 7:00 AM on Monday, April 27, 2026. The lane closure is required to accommodate paving operations and is expected to remain in place for approximately seven days. The closure is part of the I-80 North Fork Bridges Project, which includes replacement of the Eastbound and Westbound bridges over State Route 4003 (Jenks Street) and State Route 4005 (Richardsville Road) bridges over I-80, with project completion anticipated in summer 2028.

UK Sets Out Regulatory Pathway for Space-Manufactured Drugs

The UK Space Agency, MHRA, Regulatory Innovation Office, and Civil Aviation Authority announced a coordinated regulatory package to support the growth of in-orbit pharmaceutical manufacturing, providing industry with regulatory guidance, case studies, a regulatory sandbox, and strengthened supply-chain engagement. The package aims to give companies developing medicines in space greater regulatory clarity and a clearer pathway from research in orbit to patient access on Earth. The announcement was made at Space-Comm Expo at ExCeL London on 5 March 2026.

H.R. 4690 Reliable Federal Infrastructure Act Passed 215-202

The House passed H.R. 4690, the Reliable Federal Infrastructure Act, by a vote of 215-202 on April 22, 2026 during the 119th Congress, 2nd Session. The vote split largely along party lines with 209 Republicans and 6 out of 218 Democrats supporting passage, while 1 Republican voted against. The bill now proceeds to the Senate for consideration.

Malicious Axios npm Versions Drop Remote Access Trojan

CISA issued an alert on April 20, 2026 warning that two malicious versions of the Axios npm package—axios@1.14.1 and axios@0.30.4—injected a malicious dependency called plain-crypto-js@4.2.1 that downloads multi-stage payloads including a remote access trojan from cyber threat actor infrastructure at Sfrclak[.]com. Affected organizations are urged to downgrade to safe versions (axios@1.14.0 or axios@0.30.3), delete the malicious dependency, and rotate all potentially exposed credentials including VCS tokens, CI/CD secrets, cloud keys, npm tokens, and SSH keys. CISA also recommends configuring .npmrc with ignore-scripts=true and min-release-age=7 to prevent future supply chain attacks.

Fuel Surcharge Guidance and Multiple Regulatory Updates from Commerce Commission NZ

The Commerce Commission NZ published a collection of regulatory updates on 22 April 2026, including guidance on fuel surcharges, merger review statements, infrastructure approvals, and enforcement actions. The High Court imposed a $2.482 million penalty on Co-operative Bank for breaching the Credit Contracts and Consumer Finance Act 2003. The Commission proposed approving Transpower's $1.1386 billion capex allowance for Cook Strait cable replacement and approved Wellington Electricity's substation upgrade for central Wellington power supply protection. Multiple merger reviews remain ongoing.

TRIG Reports UK CfD Extension for Operational Renewables, EGL Rise to 55%

The Renewables Infrastructure Group Limited (TRIG) notified investors of three UK Government energy policy announcements: the potential extension of Contracts for Difference (CfDs) to operational renewables assets, an increase in the Electricity Generator Levy (EGL) tax rate from 45% to 55% effective 1 July 2026, and the Reformed National Pricing Delivery Plan. TRIG's Managers expect the Company's operational projects to participate in the proposed Wholesale CfD (WCfD) allocation process in 2027, with 75% of projected revenues over the next five years already at fixed prices per unit generated. The EGL change is not expected to impact TRIG's Q1 2026 NAV as power price forecasts remain below the £82.61/MWh threshold in all future periods.

Lateral Decubitus vs Supine Position on Postoperative Hypoxemia (NCT07545642)

NIH registered clinical trial NCT07545642 on April 22, 2026, a prospective real-world study comparing lateral decubitus position (Group L) versus supine position (Group S) in patients undergoing painless gastroscopy/colonoscopy, to determine whether lateral positioning reduces the incidence of postoperative hypoxemia. The trial represents a simple, non-invasive, and low-cost optimization strategy under investigation for clinical practice. This is a study registration record only and does not constitute clinical guidance or regulatory approval.

Hochul Announces Westchester Crossing Groundbreaking in Port Chester

Governor Kathy Hochul announced the groundbreaking of Westchester Crossing in Port Chester on April 22, 2026, a major redevelopment of the former United Hospital site. The approximately $65 million project will receive up to $10 million from the Mid-Hudson Momentum Fund and is expected to deliver 957 new housing units, including 105 affordable homes. Infrastructure improvements include new water, sewer, and stormwater systems, internal roadways and walkways, a High Street bypass, and widening of the I-287 Exit 11 off-ramp and Boston Post Road.

Diaphragmatic Breathing vs Incentive Spirometry for GERD - NCT07544433

Clinical trial NCT07544433 registered on ClinicalTrials.gov evaluates two non-invasive respiratory interventions—diaphragmatic breathing exercise (DBE) and volume-oriented incentive spirometry (VIS)—against standard care in patients with gastroesophageal reflux disease (GERD). The 6-week randomized controlled trial will measure outcomes including GERD symptom scores (GERDQ), esophageal acid exposure time, lower esophageal sphincter pressure, and health-related quality of life (GERD-HRQL). Three groups of participants will undergo baseline and post-intervention assessments with daily symptom and adherence diaries.

Miscellaneous Statutes Amendment Act 2026 Introduced in BC Legislature

The BC government introduced the Miscellaneous Statutes Amendment Act, 2026, to the legislative assembly on April 1, 2026, proposing amendments across seven statutory areas including the Judicial Review Procedure Act (introducing a 60-day application deadline), Fuel Price Transparency Act (industry-funded cost recovery), Zero-Emission Vehicles Act (target adjustments), housing and infrastructure statutes, tenancy acts (correcting errors and aligning evidence rules), University Endowment Land Act (ticketing enforcement), and the Correction Act (mental health crisis response and expanded ISO authority). If passed, the amendments would affect corrections, judicial reviews, tenancy disputes, fuel pricing transparency, ZEV mandates, and local governance across British Columbia.

Data Call, 2025 Property Premium, Due May 22

The Texas Department of Insurance requires companies writing commercial property or businessowners insurance in Texas, and certain farm mutuals writing property insurance, to submit 2025 property direct written premium data for the Texas catastrophe area. Three categories of companies are affected based on their reporting arrangements with Insurance Services Office Inc. Companies must respond even if they do not write applicable business in the catastrophe area. Responses are due no later than May 22, 2026.

$43 Million to Make Local Water Infrastructure Projects Affordable Across New York State

The Environmental Facilities Corporation Board of Directors approved $43 million in low-cost financing and State and federal grants to help New York communities afford water and sewer infrastructure improvements statewide, including lead service line replacement in the City of Utica. Funding recipients span eight regions including the Finger Lakes, Long Island, Mohawk Valley, North Country, and Western New York, with projects addressing watermain replacement, PFAS removal, wastewater treatment plant upgrades, and emergency power facilities.

H.R. 4690 Motion to Recommit Fails 203-214

The House of Representatives voted on H.R. 4690 (Reliable Federal Infrastructure Act), with a motion to recommit failing 203-214. All Republicans voted against recommitment while all Democrats plus one Independent voted in favor. The vote took place on April 22, 2026 during the 119th Congress, 2nd Session.

Governor Meyer Establishes Delaware Election Security Task Force

Governor Meyer has established the Delaware Election Security Task Force to address election infrastructure and security concerns in the state. The task force creation was announced on April 22, 2026. The announcement did not specify task force membership, meeting schedule, or reporting requirements.

DFC CEO Ben Black Highlights Africa's Strategic Economic Promise at Atlantic Council Forum

DFC CEO Ben Black delivered the opening keynote at the Atlantic Council's 'Investing in Africa Forum' on April 16, 2026, on the margins of the 2026 IMF-World Bank Spring Meetings. Black underscored Africa's central role in future global economic growth, citing the continent's expanding markets, workforce, consumer bases, and vast reserves of critical minerals including cobalt, lithium, titanium, and graphite. The speech outlined DFC's strategic approach to investing in energy, technology, infrastructure, logistics, healthcare, and financial services across Africa as part of U.S. economic statecraft to counter geopolitical competitors.

DFC Co-Hosts U.S.-Ukraine Partnership Forum with U.S. Chamber of Commerce

On April 16, 2026, DFC co-hosted the U.S.-Ukraine Partnership Forum with the U.S. Chamber of Commerce to advance Ukraine reconstruction, recovery, and modernization efforts. DFC CEO Ben Black, Chief of Staff Conor Coleman, and Associate General Counsel Jonathan Taylor spoke at the forum, discussing the U.S.-Ukraine Reconstruction Investment Fund (URIF), which has reviewed over 200 investment submissions in sectors including energy, infrastructure, emerging technology, and critical minerals. A recent URIF investment in Sine Engineering, a GPS/navigation/counter-drone technology company, was highlighted as an example of dual-use tech critical to both Ukraine's economic growth and U.S. allied security.

Phase 1 CAR T Cell Trial for Recurrent High-Grade Gliomas

This Phase 1 clinical trial registered on ClinicalTrials.gov (NCT07544992) will evaluate the safety and optimal dosing of EGFR/IL13Rα2 pool-CAR T cells administered locoregionally (via intracranial catheter) in patients with recurrent or progressive high-grade gliomas, including recurrent astrocytoma (IDH-mutant, grade 4) and recurrent glioblastoma (IDH-wildtype). The trial involves leukapheresis to collect patient T cells, genetic engineering to express chimeric antigen receptors targeting EGFR and IL13Rα2 proteins on tumor cells, and subsequent infusion of the modified cells.

Reformed National Pricing: Consultation on Siting and Investment Levers

DESNZ has published a consultation on reforms to siting and investment levers under the Reformed National Pricing programme, which replaces the prior Review of Electricity Market Arrangements (REMA). The consultation seeks views on proposed electricity market reforms described in Chapter 2 of the RNP delivery plan. Responses must be submitted online by 11:59pm on 2 June 2026. Affected energy sector participants should review the proposed siting and investment framework changes and prepare submissions before the deadline.