Real-time global intelligence

© 2026 OpenWatch. All rights reserved.

For informational and entertainment purposes only. Not investment advice.

Platform

Brief
Signals
Cascade
Trajectories
Wagers
Track Record
Countries
Companies
Industries
Themes
Rankings

Tools

Globe
Analytics
Crises
Clusters
Supply Chain
Alliances
Screener
Watchlist
Portfolio

Developer

Status

Sources

View all sources →

1,000+ tracked sources

Signals updated every 15 minutes

Not investment advice. OpenWatch is provided for informational and entertainment purposes only. While we strive for accuracy, precision, and source attribution in all intelligence assessments, geopolitical analysis involves inherent uncertainty and our conclusions may be incomplete, delayed, or incorrect. Nothing on this platform constitutes financial, investment, legal, or professional advice of any kind. Forward-looking scenarios and probability estimates are analytical hypotheses — not independently validated forecasts. Any actions taken based on information found here are solely your responsibility. Always consult a qualified financial advisor before making investment decisions. Past signal patterns do not guarantee future outcomes.

Methodology
Privacy Policy
Terms of Use

openwatch.io

v·0bda686

Search

Congressional trades, bills, prediction markets, hearings, and intelligence signals. Signal search supports: AND OR "exact phrase" -exclude

Keywords

Threat Layer

Military Cyber Economic Disaster Political Criminal Health Supply Chain

Signal Type

Any Crisis Update Resolution

Region

Country

Min. Severity

Any ≥ 3 ≥ 5 ≥ 7 ≥ 9

Date Range

Clear all filters

Sort by

Severity Newest

↓Export CSV (requires API key)

Themes:🧠AI Chip Bottleneck 🛡US Defense Surge ⚓Shipping Lane Fragmentation 🔌Taiwan Semiconductor Risk

63 signals for Supply Chain+Health+Cyber · Mali · Update

Page 1 of 3

CyberUpdate🇺🇸United States 🇲🇱Mali9d ago

CISA added CVE-2026-48172, a privilege escalation flaw in the LiteSpeed cPanel plugin, to its Known Exploited Vulnerabilities catalog after detecting active exploitation. Federal agencies are required to patch the vulnerability under Binding Operational Directive 22-01; CISA recommends all organizations prioritize remediation as part of their vulnerability management.

5.5/10·CISA Current Activity

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali52d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added seven newly exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog, including flaws in Microsoft Windows, Exchange Server, and Adobe Acrobat. Federal agencies are required to patch these vulnerabilities under Binding Operational Directive 22-01, though CISA is urging all organizations to prioritize remediation given active exploitation in the wild.

5.5/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberUpdate🇲🇱Mali7d ago

CISA is prioritizing the response to multiple emerging software supply chain intrusion campaigns targeting developer ecosystems Continuous Integration/Continuous Development (CI/CD) pipelines. These recent incidents, including the GitHub compromise via a malicious Nx Console Visual Studio Code (VS Code) extension and the “Megalodon” supply chain intrusion campaign, demonstrate how cyber threat actors are abusing tools and processes that support enterprise, cloud, and DevOps environments—specifically CI/CD pipelines, code extensions and workflows.  Threat actors leveraged a prior compromise of Nx developer systems to compromise a GitHub employee’s device through a poisoned third-party VS Code extension, resulting in unauthorized access and exfiltration of internal GitHub repositories. The malicious extension version (18.95.0) was distributed through VS Code’s automatic update mechanism, meaning systems with Nx Console previously installed may have received the malicious build without developers taking any manual installation action.

5.1/10·CISA Current Activity

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali13d ago

The US Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-9082, a SQL injection flaw in Drupal Core, to its catalog of known exploited vulnerabilities, indicating active real-world attacks are already underway. Federal agencies are required to patch the vulnerability under Binding Operational Directive 22-01, and CISA is urging all organizations to prioritize remediation.

5.0/10·CISA Current Activity

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali20d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Microsoft Exchange Server cross-site scripting vulnerability (CVE-2026-42897) to its Known Exploited Vulnerabilities Catalog after confirming active exploitation. Federal agencies are required to remediate the flaw under existing binding directive 22-01, and CISA urges all organizations to prioritize patching as part of standard vulnerability management.

5.0/10·CISA Current Activity·Washington, District of Columbia

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali21d ago

The US Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) to its Known Exploited Vulnerabilities catalog, citing evidence of active attacks in the wild. Federal agencies must remediate the flaw under binding operational directive BOD 22-01, and CISA recommends all organizations prioritize patching to prevent exploitation of this frequently-used network infrastructure.

5.0/10·CISA Current Activity

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali27d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a SQL injection vulnerability in BerriAI's LiteLLM software to its catalog of known exploited vulnerabilities, signaling active-use attacks in the wild. Federal civilian agencies are required to patch the flaw by a set deadline; CISA is urging all organizations to prioritize remediation as part of routine vulnerability management.

5.0/10·CISA Current Activity·Mali

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali8d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three newly exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog: flaws in Daemon Tools Lite, TanStack, and Nx Console. Federal agencies are required to patch these vulnerabilities under Binding Operational Directive 22-01, and CISA recommends all organizations prioritize remediation as part of their vulnerability management.

4.5/10·CISA Current Activity

Primary Source ↗Details →

HealthUpdate🇺🇸United States 🇪🇸Spain 🇲🇱Mali8d ago

The theme park located in Toledo publishes this job offer one week after firing three department heads as a consequence of these events. Puy du Fou acknowledges that animals were buried within the park and fires three managers. Puy du Fou wants to hire a person who is "passionate about animal welfare" to fill the position of head of the animal team.

4.5/10·eldiario.es·Toledo, Ohio

Primary Source ↗Details →

CyberUpdate🇲🇱Mali10d ago

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost's Content API that could allow an unauthenticated attacker to read arbitrary data from the

4.5/10·The Hacker News

Primary Source ↗Details →

CyberUpdate🇺🇸United States 🇲🇱Mali15d ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added seven known vulnerabilities to its catalog of actively exploited flaws, including old Microsoft Windows and Internet Explorer bugs alongside newer Microsoft Defender elevation-of-privilege and denial-of-service vulnerabilities. CISA is urging all organizations, particularly federal agencies, to prioritize patching these vulnerabilities as part of routine vulnerability management.

4.5/10·CISA Current Activity

Primary Source ↗Details →

CyberUpdate🇲🇱Mali16d ago

Microsoft security researchers have identified Fox Tempest, a financially motivated threat actor operating a malware-signing service that other cybercriminal groups—including Vanilla Tempest and Storm—use to distribute ransomware and malicious code more effectively.

4.5/10·Microsoft Security Blog

Primary Source ↗Details →

HealthUpdate🇸🇴Somalia 🇺🇬Uganda 🇲🇱Mali7d ago

The African Centre for Disease Control and Prevention is relying on research and international cooperation to accelerate the development of an effective vaccine. Somalia has joined the list of now eleven countries at risk of being affected by the virus, in addition to the DRC and Uganda.

4.3/10·Le Monde Afrique

Primary Source ↗Details →

Supply ChainUpdate🇮🇷Iran 🇮🇱Israel 🇲🇱Mali16d ago

Jain Resource Recycling shares plunged up to 19% after reporting operational disruptions caused by Iran–Israel geopolitical tensions, which hit supply chains, raised shipping costs and compressed Q4 margins. Despite the near-term impact, the company reported strong revenue and profit growth, while signalling improving conditions and normalising costs in Q1FY27.

4.3/10·Economic Times India·Mali

Primary Source ↗Details →

HealthUpdate🇺🇸United States 🇨🇴Colombia 🇮🇳India+17d ago

<p>Northwestern University theater major Laura Fajardo-Riascos warms up her voice as her classmate, Kennedy Naseem, strums on a ukulele. The duo is sitting in a colorful playroom on the 17th floor of Lurie Children’s Hospital in Streeterville.</p><p>They’re here to put on an interactive show for the kids in this unit, but whether they’ll have an audience all depends on how the young patients are feeling this afternoon in May.</p><p>Fajardo-Riascos and Naseem are among 10 students enrolled in a Northwestern class this spring that is bringing playful, small-scale theater to an unlikely setting: Chicago’s pediatric hospitals. The show, “Let’s Go Camping!,” was developed in part by their professor, Elizabeth Brendel Horn, while she was still working in Florida.

4.1/10·Chicago Sun-Times·Chicago, Illinois

Primary Source ↗Details →

Supply ChainUpdate🇫🇷France 🇲🇱Mali7d ago

Global average temperatures are likely to continue at or near record levels this year and for the next four years afterwards, the United Nations warned on Thursday. The 11 hottest individual years ever recorded all happened from 2015 onwards and the UN’s weather and climate agency said the trend was set to continue, with a new hottest-ever year “likely” before 2031. There is a 75 per cent chance that the 2026-2030 five-year mean temperature will surpass the key threshold of 1.5 degrees Celsius above the 1850-1900 pre-industrial average, the World Meteorological Organisation (WMO) said.

4.1/10·Dawn (Pakistan)·Pacific Ocean

Primary Source ↗Details →

HealthUpdate🇨🇴Colombia 🇲🇱Mali16d ago

Medellín's mayor's office launched 'Tejiendo Hogares,' a campaign to prevent child abuse and domestic violence by educating parents on non-violent discipline methods. The city recorded 13,633 domestic and gender violence cases in 2025, with 5,455 involving physical violence and 4,466 sexual violence incidents; 82% of sexual violence victims are women, and 30% are girls aged 10–14. The administration will hold community education events across 40 city locations on May 23 to address family violence prevention and emotional well-being.

4.0/10·El Colombiano (Medellín)·Medellin, Antioquia

Primary Source ↗Details →

CyberUpdate🇲🇱Mali16d ago

Cybersecurity researchers have disclosed a malvertising campaign called Trapdoor that deployed 455 malicious Android applications and operated 183 command-and-control servers to conduct ad fraud and distribute deceptive ads to mobile users.

4.0/10·The Hacker News

Primary Source ↗Details →

HealthUpdate🇧🇷Brazil 🇲🇱Mali7d ago

# Translation Six out of every ten elementary and middle school students who menstruate report experiencing severe and moderate cramps that disrupt their school routine and require medication use. And approximately four out of every ten female students (37.1%) miss classes monthly due to menstrual pain. The data comes from research conducted by the Alana Institute in partnership with the Equidade.info Institute and was released this Wednesday (27), International Menstrual Dignity Day, celebrated this Thursday (28).

3.7/10·Agência Brasil

Primary Source ↗Details →

Supply ChainUpdate🇺🇸United States 🇲🇱Mali9d ago

Its objective is to allow sustained human presence and increased scientific and commercial activity at the lunar South Pole, as well as lay the foundations for the first manned missions to Mars. Michel Mayor, Nobel Prize in Physics: "Migrating to Mars would be madness, it would mean living worse than in the worst place on Earth." NASA plans to send an uncrewed lander from Blue Origin to the Moon between September and November to begin laying the foundations for the future lunar base, and it will be followed by two similar missions scheduled for before the end of 2026, as the space agency reported this Tuesday. The spacecraft chosen for the first mission is the Blue Origin Mark One Endurance landing module, designed by Jeff Bezos's space company, the founder of Amazon, according to NASA administrator Jared Isaacman during a press conference in Washington.

3.7/10·eldiario.es·Washington, District of Columbia

Primary Source ↗Details →

Supply ChainUpdate🇲🇱Mali20d ago

La coalición de izquierdas que lidera Maíllo cierra campaña con una defensa cerrada de lo público y con un llamamiento a combatir "la resignación", para así multiplicar los votos y expulsar a un PP "antisocial" Antonio Maíllo: “Hay acreditadas muertes por el fallo de cribados, si Moreno contara la verdad no ganaría las elecciones” “Una esperanza de izquierda”, “alegría”, “acabar con la resignación”, “optimismo”... El vocabulario de campaña del candidato de Por Andalucía, Antonio Maíllo , ha estado marcado por un optimismo que contrasta con lo que dicen machaconamente las encuestas, que coinciden en que este 17M lo único que está por decidir no es ya la victoria del PP de Juan Manuel Moreno, sino si lo hace por mayoría absoluta o no. Y el desafío a estos augurios es lo que ha vuelto a combatir en el cierre de campaña, repitiendo que “el futuro no está escrito”, que esta tierra es especialista en “cambiar el guión” y que se aprecia una “reactivación” en la izquierda.

3.7/10·eldiario.es·Mali

Primary Source ↗Details →

CyberUpdate🇲🇱Mali8d ago

CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages and extensions. "Since at least early 2025, GlassWorm operators have systematically targeted software developers, a

3.5/10·The Hacker News

Primary Source ↗Details →

CyberUpdate🇲🇱Mali12d ago

This week, I&#x27m attending the SEC670[ 1 ] training (â€œRed Teaming Tools - Developing Windows Implants, Shellcode, Command and Controlâ€). From my point of view, this training fits perfectly with FOR610 or FOR710 (malware analysis) because it addresses malware from the opposite: Instead of performing reverse engineering, you write malicious code! Always interesting to have another point of view. 

3.5/10·SANS Internet Storm Center

Primary Source ↗Details →

CyberUpdate🇲🇱Mali13d ago

Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561 GitHub repositories within a six-hour window. "Using throwaway accounts and forged author identities (build-bot, auto-ci, ci-bot, pipeline-bot), the attacker injected GitHub Actions workflows containing base64-encoded bash payloads that exfiltrate CI

3.5/10·The Hacker News

Primary Source ↗Details →

CyberUpdate🇲🇱Mali14d ago

Security researchers examine how cryptocurrency wallet drainers operate through social engineering and automated transaction approval exploits, using the Lucifer DaaS platform as a case study of how these attacks are being scaled.

3.5/10·Bleeping Computer

Primary Source ↗Details →