Real-time global intelligence

© 2026 OpenWatch. All rights reserved.

For informational and entertainment purposes only. Not investment advice.

Platform

Brief
Signals
Cascade
Trajectories
Wagers
Track Record
Countries
Companies
Industries
Themes
Rankings

Tools

Globe
Analytics
Crises
Clusters
Supply Chain
Alliances
Screener
Watchlist
Portfolio

Developer

Status

Sources

View all sources →

1,000+ tracked sources

Signals updated every 15 minutes

Not investment advice. OpenWatch is provided for informational and entertainment purposes only. While we strive for accuracy, precision, and source attribution in all intelligence assessments, geopolitical analysis involves inherent uncertainty and our conclusions may be incomplete, delayed, or incorrect. Nothing on this platform constitutes financial, investment, legal, or professional advice of any kind. Forward-looking scenarios and probability estimates are analytical hypotheses — not independently validated forecasts. Any actions taken based on information found here are solely your responsibility. Always consult a qualified financial advisor before making investment decisions. Past signal patterns do not guarantee future outcomes.

Methodology
Privacy Policy
Terms of Use

openwatch.io

v·b5fbd6e

Search

Congressional trades, bills, prediction markets, hearings, and intelligence signals. Signal search supports: AND OR "exact phrase" -exclude

Keywords

Threat Layer

Military Cyber Economic Disaster Political Criminal Health Supply Chain

Signal Type

Any Crisis Update Resolution

Region

Country

Min. Severity

Any ≥ 3 ≥ 5 ≥ 7 ≥ 9

Date Range

Clear all filters

Sort by

Severity Newest

↓Export CSV (requires API key)

Themes:🧠AI Chip Bottleneck 🛡US Defense Surge ⚓Shipping Lane Fragmentation 🔌Taiwan Semiconductor Risk

299 signals for Cyber+Health+Criminal+Military · Mali

Page 7 of 12

CyberCrisis🇺🇸United States 🇲🇱Mali29d ago

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a Palo Alto Networks PAN-OS vulnerability (CVE-2026-0300) to its Known Exploited Vulnerabilities Catalog, indicating the flaw is being actively exploited by malicious actors. Federal agencies must remediate the vulnerability under Binding Operational Directive 22-01, and CISA urges all organizations to prioritize patching as part of their vulnerability management.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

MilitaryCrisis🇲🇱Mali30d ago

UN warns of worsening human rights crisis in Mali after deadly attacks The human rights situation in Mali is rapidly deteriorating following coordinated attacks by armed groups across the country, with civilians killed, displaced and cut off from food and aid, UN rights office OHCHR said on Tuesday.

5.5/10·UN News Global

Primary Source ↗Details →

CyberCrisis🇲🇱Mali30d ago

Kaspersky researchers have uncovered a supply chain attack against DAEMON Tools, in which malicious payloads were embedded in legitimate installers distributed directly from the software's official website and signed with authentic developer certificates — making the compromise difficult for most users to detect.

5.5/10·The Hacker News·Mali

Primary Source ↗Details →

CyberCrisis🇲🇱Mali35d ago

Security researchers at Atos Threat Research Center have identified a sophisticated malware campaign using SEO manipulation to lure enterprise IT professionals into downloading fake versions of administrative tools they use daily, putting high-privilege accounts at risk.

5.5/10·The Hacker News·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali45d ago

The Cybersecurity and Infrastructure Security Agency (CISA) has added eight newly discovered vulnerabilities showing evidence of active exploitation to its Known Exploited Vulnerabilities Catalog. The vulnerabilities span multiple critical systems including PaperCut NG/MF, JetBrains TeamCity, Kentico Xperience, Quest KACE, Zimbra Collaboration Suite, and Cisco Catalyst SD-WAN Manager, affecting authentication, path traversal, and information disclosure. Federal agencies are required to remediate these vulnerabilities by specified deadlines under Binding Operational Directive 22-01, and CISA urges all organizations to prioritize patching as part of their vulnerability management strategy.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali49d ago

The Cybersecurity and Infrastructure Security Agency (CISA) has added Apache ActiveMQ's CVE-2026-34197 improper input validation vulnerability to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation in the wild. Federal agencies are required to remediate the flaw under Binding Operational Directive 22-01, and CISA is urging all organizations to prioritize patching as part of vulnerability management practices.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali51d ago

The US Cybersecurity and Infrastructure Security Agency (CISA) added two Microsoft vulnerabilities to its catalog of known exploited vulnerabilities based on evidence of active attacks. A remote code execution flaw in Microsoft Office (CVE-2009-0238) and an improper input validation vulnerability in SharePoint Server (CVE-2026-32201) are now listed as actively exploited by threat actors. Federal civilian agencies must remediate these by mandatory deadlines; CISA is urging all organizations to prioritize patching as part of routine vulnerability management.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali52d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added seven newly exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog, including flaws in Microsoft Windows, Exchange Server, and Adobe Acrobat. Federal agencies are required to patch these vulnerabilities under Binding Operational Directive 22-01, though CISA is urging all organizations to prioritize remediation given active exploitation in the wild.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali59d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Fortinet FortiClient EMS vulnerability to its Known Exploited Vulnerabilities catalog after detecting active exploitation by malicious actors. Federal civilian agencies are required to patch the flaw under Binding Operational Directive 22-01, and CISA is urging all organizations to prioritize remediation of the vulnerability as part of their vulnerability management practices.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali64d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Google Dawn use-after-free vulnerability (CVE-2026-5281) to its Known Exploited Vulnerabilities Catalog after detecting active exploitation in the wild. Federal civilian agencies are required under Binding Operational Directive 22-01 to remediate the flaw on a set timeline, and CISA is urging all organizations to prioritize patching as part of routine vulnerability management.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali66d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Citrix NetScaler vulnerability (CVE-2026-3055) to its catalog of known exploited vulnerabilities, citing evidence of active attacks. Federal agencies are required to patch the flaw under binding federal directive, and CISA is urging all organizations to prioritize remediation to reduce exposure to cyberattacks.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali70d ago

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-33634, an embedded malicious code vulnerability in Aqua Security's Trivy tool, to its Known Exploited Vulnerabilities catalog after confirming active exploitation. Federal agencies are required to remediate the vulnerability under Binding Operational Directive 22-01, though CISA urges all organizations to prioritize patching given the tool's widespread use in software supply chains.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali71d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Langflow code injection vulnerability (CVE-2026-33017) to its Known Exploited Vulnerabilities catalog after confirming active exploitation by malicious actors. Federal agencies are required to remediate the flaw by CISA's deadline, while CISA urges all organizations to prioritize patching to defend against ongoing attacks.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali76d ago

The US Cybersecurity and Infrastructure Security Agency has added five actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog, including multiple flaws in Apple products and critical code injection vulnerabilities in Craft CMS and Laravel Livewire. Federal agencies are required to patch these by specified deadlines, and CISA is urging all organizations to prioritize remediation as part of vulnerability management practice.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali77d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical deserialization vulnerability in Cisco Secure Firewall Management Center and Security Cloud Control to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. Federal agencies are required to remediate the flaw by a mandated deadline under Binding Operational Directive 22-01, and CISA is urging all organizations to prioritize patching to prevent cyberattacks.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali78d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has listed CVE-2025-66376, a cross-site scripting vulnerability in Zimbra Collaboration Suite, as actively exploited in the wild. Federal agencies must remediate the flaw by a legally mandated deadline, and CISA is urging all organizations to prioritize patching as part of vulnerability management.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali78d ago

The U.S. Cybersecurity and Infrastructure Security Agency has flagged a critical Microsoft SharePoint vulnerability (CVE-2026-20963) as actively exploited in the wild, adding it to its official catalog of known vulnerabilities that require urgent patching by federal agencies. The deserialization flaw is a common attack vector used by malicious actors and poses substantial risk to federal networks and broader organizational infrastructure.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali80d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-47813, a Wing FTP Server information disclosure vulnerability, to its Known Exploited Vulnerabilities catalog after confirming active exploitation in the wild. Federal civilian agencies must remediate the flaw under Binding Operational Directive 22-01, with CISA urging all organizations to prioritize patching as part of vulnerability management.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali83d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two Google vulnerabilities to its Known Exploited Vulnerabilities Catalog following evidence of active exploitation in the wild: CVE-2026-3909 (Google Skia out-of-bounds write) and CVE-2026-3910 (Google Chromium V8 flaw). Federal agencies are required to patch these vulnerabilities by a mandatory deadline under Binding Operational Directive 22-01, and CISA urges all organizations to prioritize remediation as part of standard vulnerability management.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali85d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new vulnerability to its Known Exploited Vulnerabilities catalog: CVE-2025-68613 affecting n8n, a workflow automation platform. The vulnerability involves improper control of dynamically-managed code resources and has evidence of active exploitation in the wild. Federal agencies are required to remediate the flaw by a mandated deadline under CISA's Binding Operational Directive 22-01.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇨🇦Canada 🇨🇳China 🇭🇰Hong Kong+3127d ago

Introduction This week Google and partners took action to disrupt what we believe is one of the largest residential proxy networks in the world, the IPIDEA proxy network. IPIDEA’s proxy infrastructure is a little-known component of the digital ecosystem leveraged by a wide array of bad actors. This disruption, led by Google Threat Intelligence Group (GTIG) in partnership with other teams, included three main actions: Took legal action to take down domains used to control devices and proxy traffic through them.

5.5/10·Mandiant Threat Intelligence·Hong Kong, Central and Western

Primary Source ↗Details →

MilitaryCrisis🇲🇱Mali19d ago

Jihadist militants linked to al-Qaeda's Support Group for Islam and Muslims (JNIM) set several transport buses on fire near Bamako on Saturday and have maintained a blockade around Mali's capital since late April. In response to the deteriorating security situation, a relative of Mali's most influential religious leader called for dialogue.

5.2/10·RFI Français·Bamako, Bamako

Primary Source ↗Details →

MilitaryUpdate🇯🇲JM 🇲🇱Mali7d ago

KINGSTON, Jamaica — State Minister in the Office of the Prime Minister, Senator Abka Fitz-Henley, has criticised the Opposition People’s National Party (PNP) for what he described as a “malicious tendency” to discredit “competent and patriotic Jamaicans” who serve in crucial posts. His remarks came in response to a statement issued by the PNP questioning whether Ambassador Antony Anderson formally applied for the role of chief executive officer (CEO) of the National Reconstruction and Resilience Authority (NaRRA) before being appointed by Prime Minister Andrew Holness on Wednesday. The Opposition, referring to Anderson as a “loyal military and policing technocrat”, raised concerns about the recruitment and selection process for the post.

5.1/10·Jamaica Observer·Kingston, Kingston

Primary Source ↗Details →

CyberUpdate🇲🇱Mali7d ago

CISA is prioritizing the response to multiple emerging software supply chain intrusion campaigns targeting developer ecosystems Continuous Integration/Continuous Development (CI/CD) pipelines. These recent incidents, including the GitHub compromise via a malicious Nx Console Visual Studio Code (VS Code) extension and the “Megalodon” supply chain intrusion campaign, demonstrate how cyber threat actors are abusing tools and processes that support enterprise, cloud, and DevOps environments—specifically CI/CD pipelines, code extensions and workflows.  Threat actors leveraged a prior compromise of Nx developer systems to compromise a GitHub employee’s device through a poisoned third-party VS Code extension, resulting in unauthorized access and exfiltration of internal GitHub repositories. The malicious extension version (18.95.0) was distributed through VS Code’s automatic update mechanism, meaning systems with Nx Console previously installed may have received the malicious build without developers taking any manual installation action.

5.1/10·CISA Current Activity

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali13d ago

The US Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-9082, a SQL injection flaw in Drupal Core, to its catalog of known exploited vulnerabilities, indicating active real-world attacks are already underway. Federal agencies are required to patch the vulnerability under Binding Operational Directive 22-01, and CISA is urging all organizations to prioritize remediation.

5.0/10·CISA Current Activity

Primary Source ↗Details →