Real-time global intelligence

© 2026 OpenWatch. All rights reserved.

For informational and entertainment purposes only. Not investment advice.

Platform

Brief
Signals
Cascade
Trajectories
Wagers
Track Record
Countries
Companies
Industries
Themes
Rankings

Tools

Globe
Analytics
Crises
Clusters
Supply Chain
Alliances
Screener
Watchlist
Portfolio

Developer

Status

Sources

View all sources →

1,000+ tracked sources

Signals updated every 15 minutes

Not investment advice. OpenWatch is provided for informational and entertainment purposes only. While we strive for accuracy, precision, and source attribution in all intelligence assessments, geopolitical analysis involves inherent uncertainty and our conclusions may be incomplete, delayed, or incorrect. Nothing on this platform constitutes financial, investment, legal, or professional advice of any kind. Forward-looking scenarios and probability estimates are analytical hypotheses — not independently validated forecasts. Any actions taken based on information found here are solely your responsibility. Always consult a qualified financial advisor before making investment decisions. Past signal patterns do not guarantee future outcomes.

Methodology
Privacy Policy
Terms of Use

openwatch.io

v·b76ea51

Search

Congressional trades, bills, prediction markets, hearings, and intelligence signals. Signal search supports: AND OR "exact phrase" -exclude

Keywords

Threat Layer

Military Cyber Economic Disaster Political Criminal Health Supply Chain

Signal Type

Any Crisis Update Resolution

Region

Country

Min. Severity

Any ≥ 3 ≥ 5 ≥ 7 ≥ 9

Date Range

Clear all filters

Sort by

Severity Newest

↓Export CSV (requires API key)

Themes:🧠AI Chip Bottleneck 🛡US Defense Surge ⚓Shipping Lane Fragmentation 🔌Taiwan Semiconductor Risk

270 signals for Military+Cyber+Health · Mali

Page 7 of 11

CyberUpdate🇺🇸United States 🇲🇱Mali14d ago

The US Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-9082, a SQL injection flaw in Drupal Core, to its catalog of known exploited vulnerabilities, indicating active real-world attacks are already underway. Federal agencies are required to patch the vulnerability under Binding Operational Directive 22-01, and CISA is urging all organizations to prioritize remediation.

5.0/10·CISA Current Activity

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali21d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Microsoft Exchange Server cross-site scripting vulnerability (CVE-2026-42897) to its Known Exploited Vulnerabilities Catalog after confirming active exploitation. Federal agencies are required to remediate the flaw under existing binding directive 22-01, and CISA urges all organizations to prioritize patching as part of standard vulnerability management.

5.0/10·CISA Current Activity·Washington, District of Columbia

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali22d ago

The US Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) to its Known Exploited Vulnerabilities catalog, citing evidence of active attacks in the wild. Federal agencies must remediate the flaw under binding operational directive BOD 22-01, and CISA recommends all organizations prioritize patching to prevent exploitation of this frequently-used network infrastructure.

5.0/10·CISA Current Activity

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali28d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a SQL injection vulnerability in BerriAI's LiteLLM software to its catalog of known exploited vulnerabilities, signaling active-use attacks in the wild. Federal civilian agencies are required to patch the flaw by a set deadline; CISA is urging all organizations to prioritize remediation as part of routine vulnerability management.

5.0/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali58d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has cataloged a newly exploited vulnerability in Ivanti's Endpoint Manager Mobile platform as a known active threat, requiring federal agencies to patch systems by a specified deadline to defend against ongoing attacks.

5.0/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali64d ago

The U.S. Cybersecurity and Infrastructure Security Agency has added a TrueConf Client vulnerability to its catalog of known exploited vulnerabilities, following evidence of active attacks in the wild. The flaw allows unauthenticated download of code without integrity verification, creating a high-risk vector for malicious actors targeting federal networks and other organizations.

5.0/10·CISA Current Activity·Mali

Primary Source ↗Details →

MilitaryUpdate🇲🇱Mali14h ago

[DW] Mali's military government is offering $3.5 million for information leading to the arrest or killing of Iyad Ag Ghaly. The junta is also offering smaller rewards for other suspects, including Tuareg separatists.

4.9/10·AllAfrica (Latest Headlines)

Primary Source ↗Details →

MilitaryCrisis🇸🇩Sudan 🇭🇹Haiti 🇲🇲Myanmar+27d ago

Israeli and Russian security forces have been added to a United Nations blacklist on sexual violence in conflict, according to a report reviewed on Thursday by AFP . Published annually by the UN, the list includes dozens of state and non-state groups credibly suspected of having engaged “systematically” in sexual violence in countries such as Sudan, Haiti, the Democratic Republic of Congo, Myanmar, Syria and Mali. Last August, UN Secretary-General Antonio Guterres warned Israel and Russia of their possible inclusion on the list.

4.9/10·Dawn

Primary Source ↗Details →

MilitaryCrisis🇱🇧Lebanon 🇦🇲Armenia 🇲🇱Mali+18d ago

# Tyre: An Archive of the Middle East Raymond Abu Tamarisk's photographs are not merely coastline and sea. They are an open archive of the Middle East, layering Phoenicians, Greeks, Crusaders, and Palestinians atop one another. Here, civilizational heritage intersects with restless geography, and history becomes a daily material that people live.

4.9/10·Nahar·Beirut, Beirut

Primary Source ↗Details →

CyberCrisis🇲🇱Mali17d ago

In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an attacker-controlled server. "Every existing tag in the repository has been moved to point to an imposter commit that does not appear in the action's normal commit history,

4.9/10·The Hacker News·Mali

Primary Source ↗Details →

CyberCrisis🇰🇵North Korea 🇲🇱Mali116d ago

Written by: Ross Inman, Adrian Hernandez Introduction North Korean threat actors continue to evolve their tradecraft to target the cryptocurrency and decentralized finance (DeFi) verticals. Mandiant recently investigated an intrusion targeting a FinTech entity within this sector, attributed to UNC1069 , a financially motivated threat actor active since at least 2018. This investigation revealed a tailored intrusion resulting in the deployment of seven unique malware families, including a new set of tooling designed to capture host and victim data: SILENCELIFT, DEEPBREATH and CHROMEPUSH.

4.9/10·Mandiant Threat Intelligence·Mali

Primary Source ↗Details →

MilitaryCrisis🇲🇱Mali19d ago

Mali's military-led authorities say they are determined to fight armed groups despite reeling from a series of coordinated attacks by jihadists and separatists in the north of the country at the end of April. A member of the National Transitional Council, and leader of an armed political movement allied with Malian forces, tells RFI the army and junta have the full backing of the people.

4.7/10·RFI Africa (French)

Primary Source ↗Details →

MilitaryUpdate🇲🇱Mali6h ago

Phishing, shadow AI, malicious extensions, and credential theft increasingly happen inside the browser. Keep Aware explains what the 2026 Verizon DBIR reveals about browser-layer security gaps and modern attacks. [...]

4.5/10·Bleeping Computer

Primary Source ↗Details →

MilitaryUpdate🇲🇱Mali18h ago

The Malian government said Thursday it was offering financial rewards for information on ‌the whereabouts of suspected militants wanted for their role in attacks targeting the nation's people and assets.

4.5/10·MyJoyOnline (Ghana — additional)

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali4d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2024-21182, an Oracle WebLogic Server vulnerability, to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation. Federal agencies are required to remediate the vulnerability by established deadlines, and CISA recommends all organizations prioritize patching as part of routine vulnerability management.

4.5/10·CISA Current Activity

Primary Source ↗Details →

CyberUpdate🇲🇱Mali6d ago

Microsoft Security researchers discovered a dependency confusion campaign that deployed 33 malicious npm packages to collect reconnaissance data from developer and build environments, exploiting a well-known supply-chain vulnerability in package management systems.

4.5/10·Microsoft Security Blog

Primary Source ↗Details →

MilitaryCrisis🇮🇳India 🇲🇱Mali8d ago

<p>Last offseason, Ben Johnson had to stop practice to bark at quarterback <a class="Link" href="https://chicago.suntimes.com/bears/2026/05/22/bears-coaches-have-a-simple-message-to-qb-caleb-williams-this-offseason-do-less" target="_blank" >Caleb Williams</a> and the rest of the <a class="Link" href="https://chicago.suntimes.com/bears" target="_blank" >Bears</a> offense before they even broke the huddle. The way the Bears operated before the snap disturbed the head coach as much as what happened after it.</p><p>Not so much this year.</p><p>When the Bears held their first practice of their two-week-long OTA Wednesday, Williams knew what Johnson wanted: a quick play call, a huddle broken with urgency and confidence under center.</p><p>“The communication in the huddle, what it looks like to break the huddle, the urgency to the line of scrimmage, the tempo that we want to stress the defense with, the quarterback plays a huge part in that,” Johnson said Thursday before the Bears' second practice. “He orchestrates the whole operation.

4.5/10·Chicago Sun-Times

Primary Source ↗Details →

MilitaryCrisis🇮🇳India 🇨🇳China 🇲🇱Mali8d ago

India and China held "constructive" and "forward-looking" talks on the situation along the Line of Actual Control (LAC) in eastern Ladakh, noting that maintaining border peace and tranquillity enabled progress in the normalisation of overall relations. The two sides discussed various aspects of the border situation during a meeting of the Working Mechanism for Consultation and Coordination (WMCC) in Beijing on Wednesday. "The discussions were constructive and forward looking," the Ministry of External Affairs (MEA) said, a day after the talks.

4.5/10·Business Standard·Beijing, Beijing

Primary Source ↗Details →

MilitaryCrisis🇨🇴Colombia 🇲🇱Mali 🇴🇲Oman8d ago

# Translation Influencer and businesswoman Luisa Fernanda W responded to the criticism she received on social media after revealing that she began a process to remove several of her tattoos. The content creator, who has more than 18.5 million followers on Instagram, explained days ago that she made the decision because many of her tattoos were made on impulse and emotions of the moment that no longer identify her. Following her statements, users on social media, especially on TikTok, criticized the reasons she used to justify starting the procedure with offensive comments toward her personal life decisions.

4.5/10·El Colombiano (Medellín)

Primary Source ↗Details →

HealthCrisis🇨🇴Colombia 🇲🇱Mali 🇴🇲Oman8d ago

A six-month-old baby who was in intensive care in the department of Tolima died after allegedly being sexually abused. "She could not bear the pain and cruelty of an act that should never have occurred," declared Governor Adriana Magali Matiz this Wednesday. The official recalled that the case became known on Tuesday of this week, when the girl was admitted at 4:00 p.m.

4.5/10·El Colombiano (Medellín)

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali9d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three newly exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog: flaws in Daemon Tools Lite, TanStack, and Nx Console. Federal agencies are required to patch these vulnerabilities under Binding Operational Directive 22-01, and CISA recommends all organizations prioritize remediation as part of their vulnerability management.

4.5/10·CISA Current Activity

Primary Source ↗Details →

HealthUpdate🇺🇸United States 🇪🇸Spain 🇲🇱Mali9d ago

The theme park located in Toledo publishes this job offer one week after firing three department heads as a consequence of these events. Puy du Fou acknowledges that animals were buried within the park and fires three managers. Puy du Fou wants to hire a person who is "passionate about animal welfare" to fill the position of head of the animal team.

4.5/10·eldiario.es·Toledo, Ohio

Primary Source ↗Details →

MilitaryUpdate🇲🇱Mali 🇷🇺Russia10d ago

This investigation is a collaboration between Bellingcat and Jeune Afrique. You can read Jeune Afrique’s article in French here. Unexploded Russian-made cluster munition bomblets, as well as damage consistent with bomblet impacts, have been found in a village in northern Mali – despite the West African country being a state party to the Convention on […] The post Banned Russian Submunitions Found After Mali’s Military Announces Airstrikes appeared first on bellingcat .

4.5/10·Bellingcat

Primary Source ↗Details →

CyberUpdate🇲🇱Mali11d ago

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost's Content API that could allow an unauthenticated attacker to read arbitrary data from the

4.5/10·The Hacker News

Primary Source ↗Details →

CyberCrisis🇲🇱Mali11d ago

A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, and Crates.io to distribute credential-stealing malware. The campaign, codenamed TrapDoor, spans more than 34 malicious packages across over 384 versions. The earliest activity was recorded on May 22, 2026, at 8:20 p.m.

4.5/10·The Hacker News

Primary Source ↗Details →