Real-time global intelligence

© 2026 OpenWatch. All rights reserved.

For informational and entertainment purposes only. Not investment advice.

Platform

Brief
Signals
Cascade
Trajectories
Wagers
Track Record
Countries
Companies
Industries
Themes
Rankings

Tools

Globe
Analytics
Crises
Clusters
Supply Chain
Alliances
Screener
Watchlist
Portfolio

Developer

Status

Sources

View all sources →

1,000+ tracked sources

Signals updated every 15 minutes

Not investment advice. OpenWatch is provided for informational and entertainment purposes only. While we strive for accuracy, precision, and source attribution in all intelligence assessments, geopolitical analysis involves inherent uncertainty and our conclusions may be incomplete, delayed, or incorrect. Nothing on this platform constitutes financial, investment, legal, or professional advice of any kind. Forward-looking scenarios and probability estimates are analytical hypotheses — not independently validated forecasts. Any actions taken based on information found here are solely your responsibility. Always consult a qualified financial advisor before making investment decisions. Past signal patterns do not guarantee future outcomes.

Methodology
Privacy Policy
Terms of Use

openwatch.io

v·b5fbd6e

Search

Congressional trades, bills, prediction markets, hearings, and intelligence signals. Signal search supports: AND OR "exact phrase" -exclude

Keywords

Threat Layer

Military Cyber Economic Disaster Political Criminal Health Supply Chain

Signal Type

Any Crisis Update Resolution

Region

Country

Min. Severity

Any ≥ 3 ≥ 5 ≥ 7 ≥ 9

Date Range

Clear all filters

Sort by

Severity Newest

↓Export CSV (requires API key)

Themes:🧠AI Chip Bottleneck 🛡US Defense Surge ⚓Shipping Lane Fragmentation 🔌Taiwan Semiconductor Risk

248 signals for Military+Health+Cyber · Mali

Page 6 of 10

CyberCrisis🇺🇸United States 🇲🇱Mali51d ago

The US Cybersecurity and Infrastructure Security Agency (CISA) added two Microsoft vulnerabilities to its catalog of known exploited vulnerabilities based on evidence of active attacks. A remote code execution flaw in Microsoft Office (CVE-2009-0238) and an improper input validation vulnerability in SharePoint Server (CVE-2026-32201) are now listed as actively exploited by threat actors. Federal civilian agencies must remediate these by mandatory deadlines; CISA is urging all organizations to prioritize patching as part of routine vulnerability management.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali52d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added seven newly exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog, including flaws in Microsoft Windows, Exchange Server, and Adobe Acrobat. Federal agencies are required to patch these vulnerabilities under Binding Operational Directive 22-01, though CISA is urging all organizations to prioritize remediation given active exploitation in the wild.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali59d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Fortinet FortiClient EMS vulnerability to its Known Exploited Vulnerabilities catalog after detecting active exploitation by malicious actors. Federal civilian agencies are required to patch the flaw under Binding Operational Directive 22-01, and CISA is urging all organizations to prioritize remediation of the vulnerability as part of their vulnerability management practices.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali64d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Google Dawn use-after-free vulnerability (CVE-2026-5281) to its Known Exploited Vulnerabilities Catalog after detecting active exploitation in the wild. Federal civilian agencies are required under Binding Operational Directive 22-01 to remediate the flaw on a set timeline, and CISA is urging all organizations to prioritize patching as part of routine vulnerability management.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali66d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Citrix NetScaler vulnerability (CVE-2026-3055) to its catalog of known exploited vulnerabilities, citing evidence of active attacks. Federal agencies are required to patch the flaw under binding federal directive, and CISA is urging all organizations to prioritize remediation to reduce exposure to cyberattacks.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali70d ago

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-33634, an embedded malicious code vulnerability in Aqua Security's Trivy tool, to its Known Exploited Vulnerabilities catalog after confirming active exploitation. Federal agencies are required to remediate the vulnerability under Binding Operational Directive 22-01, though CISA urges all organizations to prioritize patching given the tool's widespread use in software supply chains.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali71d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Langflow code injection vulnerability (CVE-2026-33017) to its Known Exploited Vulnerabilities catalog after confirming active exploitation by malicious actors. Federal agencies are required to remediate the flaw by CISA's deadline, while CISA urges all organizations to prioritize patching to defend against ongoing attacks.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali76d ago

The US Cybersecurity and Infrastructure Security Agency has added five actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog, including multiple flaws in Apple products and critical code injection vulnerabilities in Craft CMS and Laravel Livewire. Federal agencies are required to patch these by specified deadlines, and CISA is urging all organizations to prioritize remediation as part of vulnerability management practice.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali77d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical deserialization vulnerability in Cisco Secure Firewall Management Center and Security Cloud Control to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. Federal agencies are required to remediate the flaw by a mandated deadline under Binding Operational Directive 22-01, and CISA is urging all organizations to prioritize patching to prevent cyberattacks.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali78d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has listed CVE-2025-66376, a cross-site scripting vulnerability in Zimbra Collaboration Suite, as actively exploited in the wild. Federal agencies must remediate the flaw by a legally mandated deadline, and CISA is urging all organizations to prioritize patching as part of vulnerability management.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali78d ago

The U.S. Cybersecurity and Infrastructure Security Agency has flagged a critical Microsoft SharePoint vulnerability (CVE-2026-20963) as actively exploited in the wild, adding it to its official catalog of known vulnerabilities that require urgent patching by federal agencies. The deserialization flaw is a common attack vector used by malicious actors and poses substantial risk to federal networks and broader organizational infrastructure.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali80d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-47813, a Wing FTP Server information disclosure vulnerability, to its Known Exploited Vulnerabilities catalog after confirming active exploitation in the wild. Federal civilian agencies must remediate the flaw under Binding Operational Directive 22-01, with CISA urging all organizations to prioritize patching as part of vulnerability management.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali83d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two Google vulnerabilities to its Known Exploited Vulnerabilities Catalog following evidence of active exploitation in the wild: CVE-2026-3909 (Google Skia out-of-bounds write) and CVE-2026-3910 (Google Chromium V8 flaw). Federal agencies are required to patch these vulnerabilities by a mandatory deadline under Binding Operational Directive 22-01, and CISA urges all organizations to prioritize remediation as part of standard vulnerability management.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali85d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new vulnerability to its Known Exploited Vulnerabilities catalog: CVE-2025-68613 affecting n8n, a workflow automation platform. The vulnerability involves improper control of dynamically-managed code resources and has evidence of active exploitation in the wild. Federal agencies are required to remediate the flaw by a mandated deadline under CISA's Binding Operational Directive 22-01.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇨🇦Canada 🇨🇳China 🇭🇰Hong Kong+3127d ago

Introduction This week Google and partners took action to disrupt what we believe is one of the largest residential proxy networks in the world, the IPIDEA proxy network. IPIDEA’s proxy infrastructure is a little-known component of the digital ecosystem leveraged by a wide array of bad actors. This disruption, led by Google Threat Intelligence Group (GTIG) in partnership with other teams, included three main actions: Took legal action to take down domains used to control devices and proxy traffic through them.

5.5/10·Mandiant Threat Intelligence·Hong Kong, Central and Western

Primary Source ↗Details →

MilitaryCrisis🇲🇱Mali18d ago

Jihadist militants linked to al-Qaeda's Support Group for Islam and Muslims (JNIM) set several transport buses on fire near Bamako on Saturday and have maintained a blockade around Mali's capital since late April. In response to the deteriorating security situation, a relative of Mali's most influential religious leader called for dialogue.

5.2/10·RFI Français·Bamako, Bamako

Primary Source ↗Details →

MilitaryUpdate🇯🇲JM 🇲🇱Mali7d ago

KINGSTON, Jamaica — State Minister in the Office of the Prime Minister, Senator Abka Fitz-Henley, has criticised the Opposition People’s National Party (PNP) for what he described as a “malicious tendency” to discredit “competent and patriotic Jamaicans” who serve in crucial posts. His remarks came in response to a statement issued by the PNP questioning whether Ambassador Antony Anderson formally applied for the role of chief executive officer (CEO) of the National Reconstruction and Resilience Authority (NaRRA) before being appointed by Prime Minister Andrew Holness on Wednesday. The Opposition, referring to Anderson as a “loyal military and policing technocrat”, raised concerns about the recruitment and selection process for the post.

5.1/10·Jamaica Observer·Kingston, Kingston

Primary Source ↗Details →

CyberUpdate🇲🇱Mali7d ago

CISA is prioritizing the response to multiple emerging software supply chain intrusion campaigns targeting developer ecosystems Continuous Integration/Continuous Development (CI/CD) pipelines. These recent incidents, including the GitHub compromise via a malicious Nx Console Visual Studio Code (VS Code) extension and the “Megalodon” supply chain intrusion campaign, demonstrate how cyber threat actors are abusing tools and processes that support enterprise, cloud, and DevOps environments—specifically CI/CD pipelines, code extensions and workflows.  Threat actors leveraged a prior compromise of Nx developer systems to compromise a GitHub employee’s device through a poisoned third-party VS Code extension, resulting in unauthorized access and exfiltration of internal GitHub repositories. The malicious extension version (18.95.0) was distributed through VS Code’s automatic update mechanism, meaning systems with Nx Console previously installed may have received the malicious build without developers taking any manual installation action.

5.1/10·CISA Current Activity

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali13d ago

The US Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-9082, a SQL injection flaw in Drupal Core, to its catalog of known exploited vulnerabilities, indicating active real-world attacks are already underway. Federal agencies are required to patch the vulnerability under Binding Operational Directive 22-01, and CISA is urging all organizations to prioritize remediation.

5.0/10·CISA Current Activity

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali20d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Microsoft Exchange Server cross-site scripting vulnerability (CVE-2026-42897) to its Known Exploited Vulnerabilities Catalog after confirming active exploitation. Federal agencies are required to remediate the flaw under existing binding directive 22-01, and CISA urges all organizations to prioritize patching as part of standard vulnerability management.

5.0/10·CISA Current Activity·Washington, District of Columbia

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali21d ago

The US Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) to its Known Exploited Vulnerabilities catalog, citing evidence of active attacks in the wild. Federal agencies must remediate the flaw under binding operational directive BOD 22-01, and CISA recommends all organizations prioritize patching to prevent exploitation of this frequently-used network infrastructure.

5.0/10·CISA Current Activity

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali27d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a SQL injection vulnerability in BerriAI's LiteLLM software to its catalog of known exploited vulnerabilities, signaling active-use attacks in the wild. Federal civilian agencies are required to patch the flaw by a set deadline; CISA is urging all organizations to prioritize remediation as part of routine vulnerability management.

5.0/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali57d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has cataloged a newly exploited vulnerability in Ivanti's Endpoint Manager Mobile platform as a known active threat, requiring federal agencies to patch systems by a specified deadline to defend against ongoing attacks.

5.0/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberCrisis🇺🇸United States 🇲🇱Mali63d ago

The U.S. Cybersecurity and Infrastructure Security Agency has added a TrueConf Client vulnerability to its catalog of known exploited vulnerabilities, following evidence of active attacks in the wild. The flaw allows unauthenticated download of code without integrity verification, creating a high-risk vector for malicious actors targeting federal networks and other organizations.

5.0/10·CISA Current Activity·Mali

Primary Source ↗Details →

MilitaryCrisis🇸🇩Sudan 🇭🇹Haiti 🇲🇲Myanmar+27d ago

Israeli and Russian security forces have been added to a United Nations blacklist on sexual violence in conflict, according to a report reviewed on Thursday by AFP . Published annually by the UN, the list includes dozens of state and non-state groups credibly suspected of having engaged “systematically” in sexual violence in countries such as Sudan, Haiti, the Democratic Republic of Congo, Myanmar, Syria and Mali. Last August, UN Secretary-General Antonio Guterres warned Israel and Russia of their possible inclusion on the list.

4.9/10·Dawn

Primary Source ↗Details →