News You can USE!

BLUF (Bottom Line Up Front)

The primary threats observed in the last 24 hours involve escalating supply chain vulnerabilities and renewed geopolitical tensions over Iran and Russia. Suspected Chinese state-sponsored actors executed a sophisticated supply chain attack targeting the Notepad++ update mechanism, delivering a previously unknown backdoor to high-value targets globally. Concurrent escalation in the Middle East is confirmed by Iranian gunboat harassment of a US-flagged tanker near the Strait of Hormuz, while US-Iran nuclear talks shift to Oman, a country identified as a key financial and logistical hub for Iran’s Houthi proxy. Critical infrastructure, particularly aviation and rail, remains at risk from both kinetic threats and technological exploitation, including a Chinese push to dominate the drone docking station market.


🌍 Geopolitical

Incident: US-Iran Diplomatic and Regional Escalation & Turkey’s Interference

Date: February 5-6, 2026 (Ongoing)

Location: Muscat, Oman; Strait of Hormuz; Turkey

Key Actors: United States, Iran, Sultanate of Oman, Turkey (President Erdogan)

  • US and Iranian representatives are scheduled to meet in Muscat, Oman, for rare face-to-face talks, relocated from Istanbul.
  • Iran is hardening its negotiating position, rejecting the transfer of enriched uranium outside of Iran and pushing back against discussing non-nuclear topics like the ballistic missile program.
  • Oman is criticized as a biased mediator, having maintained a close strategic relationship with Iran and serving as a key hub for Iran’s Houthi proxy, including financial and weapons procurement activities.
  • Turkey’s President Erdogan is actively working to ensure the stability and survival of the current Iranian regime by proposing a three-year deal to limit Iran’s nuclear and missile programs.

Tactical Recommendations:

  • Geolocation Context: Oman’s role as a Houthi financial and procurement hub necessitates heightened scrutiny of vessels and entities using its maritime and financial systems.
  • Washington should pressure Oman to terminate its financial ties with Iran and other sanctioned entities, or investigate Omani individuals and financial institutions for sanctions evasion.
  • Personnel operating near the Strait of Hormuz must maintain a high state of alert for Iranian naval harassment.

Incident: Russia-China Strategic Alignment and New START Expiration

Date: February 5, 2026

Location: Global

Key Actors: United States, Russia, China (President Xi Jinping)

  • The New START treaty, the last remaining US-Russia nuclear arms control treaty, is set to expire on February 5, 2026.
  • This expiration allows the Trump administration to reexamine the US nuclear posture toward both Russia and China.
  • In a call with President Trump, Chinese leader Xi Jinping warned the US to be “prudent” regarding the supplying of arms to Taiwan.

Incident: Sudan Civil War Shift and Humanitarian Aid

Date: February 5, 2026

Location: Kadugli, South Kordofan State, Sudan

Key Actors: Sudanese Armed Forces (SAF), Rapid Support Forces (RSF), United States, UAE, Egypt, Saudi Arabia, Turkey

  • A military breakthrough by the SAF ended the years-long siege of Kadugli, suggesting a potential shift in military momentum in the civil war.
  • The United States pledged $200 million in aid, and the United Arab Emirates committed $500 million, to accelerate a humanitarian aid drive in the region.
  • Regional engagement is deepening, with Egypt and Saudi Arabia backing the SAF, while the UAE provides significant support to the RSF.

💻 Cyber

Incident: Chinese State-Sponsored Supply Chain Attack via Notepad++

Date: 2026-02-02 (Discovery); Ongoing for 6 months (Compromise)

Location: Global (Targeting government, telecom, aviation, and CNI sectors)

Key Actors: Lotus Blossom APT (aka Lotus Panda, Billbug), Notepad++ Developers

  • Suspected Chinese state-sponsored hackers hijacked a shared hosting server used by the Notepad++ text editor.
  • This allowed the selective redirection of update traffic and deployment of a previously unknown backdoor named Chrysalis to high-value targets.

Tactical Recommendations:

  • Immediately assess all recent software updates for development tools, particularly Notepad++, utilizing hash verification against official distribution channels.
  • Implement enhanced monitoring for Chrysalis backdoor indicators of compromise (IOCs) within network segments responsible for third-party software updates.
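
One way to carry out the hash verification recommended above, as an added example that is not part of the original briefing: audit a folder of downloaded installers against a `sha256sum`-format manifest. The file names, file contents and manifest are constructed for the demo, and the manifest is assumed to come from a channel independent of the update server being checked.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path, chunk_size=1 << 20):
    """Stream the file so large installers are never fully loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def parse_manifest(text):
    """Parse sha256sum-style lines ('<64 hex chars>  <file name>') into a dict."""
    published = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and len(parts[0]) == 64:
            # sha256sum marks binary mode with a leading '*' on the file name
            published[parts[1].strip().lstrip("*")] = parts[0].lower()
    return published

def audit_installers(directory, manifest_text):
    """Return {file name: MATCH | MISMATCH | NOT_IN_MANIFEST} for each file."""
    published = parse_manifest(manifest_text)
    results = {}
    for path in sorted(p for p in Path(directory).iterdir() if p.is_file()):
        expected = published.get(path.name)
        if expected is None:
            results[path.name] = "NOT_IN_MANIFEST"   # unlisted file: review by hand
        elif sha256_file(path) == expected:
            results[path.name] = "MATCH"
        else:
            results[path.name] = "MISMATCH"          # differs from published build
    return results

def demo():
    """Constructed sample data: hypothetical file names and contents."""
    official = b"bytes of the officially published build"
    on_disk = {
        "setup-good.exe": official,
        "setup-tampered.exe": b"bytes delivered by a redirected update",
        "plugin-unlisted.dll": b"component absent from the manifest",
    }
    listed = ("setup-good.exe", "setup-tampered.exe")
    manifest = "".join(f"{hashlib.sha256(official).hexdigest()}  {n}\n" for n in listed)
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in on_disk.items():
            Path(tmp, name).write_bytes(data)
        return audit_installers(tmp, manifest)

if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{status:16} {name}")
```

A `MISMATCH` or `NOT_IN_MANIFEST` result is a lead for investigation, not proof of compromise; a stale manifest or a different release produces the same status.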

Incident: Russia-Linked Cyber Operations and Cybercrime

Date: February 4-5, 2026

Location: Italy; Global

Key Actors: Russian Hacker Groups (Noname057), Russia-linked Attackers, Polish Police

  • Italy thwarted a series of Russian Distributed Denial-of-Service (DDoS) cyberattacks targeting the Milan-Cortina Winter Olympics sites and foreign ministry offices.
  • A Russian hacker group named Noname057 claimed responsibility for the DDoS attacks in response to Italy’s support for Ukraine.
  • Russia-linked attackers are exploiting a new Microsoft Office vulnerability as part of a coordinated espionage and malware campaign called Operation Neusploit.
  • Polish police arrested a 20-year-old man suspected of carrying out global DDoS attacks targeting strategically important sites.

Incident: Economic Espionage and Rising Fraud

Date: February 4-5, 2026

Location: San Francisco, CA; Global

Key Actors: Linwei Ding (former Google engineer), PRC, Ransomware Actors, ShinyHunters

  • Former Google software engineer Linwei Ding was convicted on seven counts of economic espionage and theft of trade secrets related to Google’s AI technology for the benefit of the PRC.
  • Identity theft and Business Email Compromise (BEC) attacks are growing concerns.
  • AI-driven phishing attacks have doubled by leveraging languages.
  • ShinyHunters threat actors are exploiting Multi-Factor Authentication (MFA) mechanisms in sophisticated phishing attacks.
  • A plug-in’s SQL injection flaw has impacted approximately 40,000 WordPress sites.

Tactical Recommendations:

  • Companies must reinforce internal access controls and monitoring around high-value intellectual property, particularly AI and R&D materials, to detect unauthorized data egress.
  • The US Federal Communications Commission (FCC) urges telecommunication companies to enable and enforce MFA across all remote access points and critical systems to mitigate ransomware risk.

⚡ Critical Infrastructure

Incident: Electro-Industrial Stack Vulnerabilities and Chinese Component Control

Date: February 4, 2026 (Analysis Date)

Location: Global Supply Chains, US Critical Systems

Key Actors: China/PRC, Chinese LiDAR/Optical Transceiver Manufacturers (e.g., Robosense, Innolight, Eptolink)

  • China is exploiting vulnerabilities in the electro-industrial stack by embedding “Hidden Huaweis” across critical supply chains.
  • Chinese firms control approximately 90% of the global LiDAR market and over 60% of the global optical transceiver market.
  • Optical transceivers, foundational to fiber communications in data centers, pose a critical national security risk as firmware could be maliciously programmed to introduce kill switches or malicious code into AI training systems.

Tactical Recommendations:

  • The U.S. Department of Defense is urged to continuously expand the Section 1260H list to target component-level threats like LiDAR and optical transceiver manufacturers.
  • U.S. private sector companies, especially in tech, should generate market opportunity for trusted alternatives to Chinese suppliers to mitigate supply chain exposure.

Incident: Drone Dock Blind Spot Threat

Date: February 5, 2026

Location: US Public Safety and Critical Infrastructure

Key Actors: China, DJI, Autel, FCC, First Responders

  • The US drone ban does not fully account for docked “drone-in-a-box” systems (drone docks) used by first responders and critical infrastructure operators.
  • Chinese firms (DJI, Autel), both listed on the DoD’s 1260H list, are shifting competition to drone docks, creating dependency risks.
  • If a Chinese-linked dock malfunctions due to malicious updates or maintenance failure, it can go dark, creating systemic risks when safety personnel are dependent on it.

Tactical Recommendations:

  • Policymakers should extend the FCC Covered List restrictions, currently applied to drones, to include high-risk Chinese drone dock systems.
  • Congress should tighten procurement guardrails to prevent public-safety agencies from purchasing Chinese-linked docks with taxpayer dollars.

Incident: Aviation and Rail Security Incidents

Date: February 3-5, 2026

Location: Boston Logan International Airport (BOS); Milford, MA; Portage, IN; Valencia Airport (VLC), Spain

Key Actors: John Lee, Norfolk Southern Railway, Vueling Airlines

  • A man was arrested for allegedly calling in bomb threats to both BOS and the Milford Regional Medical Center on February 3, 2026.
  • Norfolk Southern is expanding its AI-developed “wheel integrity system” to pinpoint defects in train wheels moving up to 70 mph.
  • A 24-year-old Moroccan national climbed onto the roof of a Vueling flight at Valencia Airport on January 31, 2026, delaying the flight for over two hours.

⚓ Maritime Events

Incident: Iranian Harassment of US-Flagged Tanker

Date: February 3, 2026

Location: Strait of Hormuz, north of Oman

Key Actors: Iranian Gunboats, US-flagged tanker Stena Imperative, US Warship

  • A group of Iranian gunboats approached the US-flagged tanker Stena Imperative and ordered it to stop its engine and prepare to be boarded.
  • The vessel sped up and continued its voyage, eventually escorted by a US warship.

Geolocation Context: The incident occurred north of Oman, highlighting the consistent danger of Iranian interference with commercial shipping in this vital chokepoint.

Incident: Attempted Sabotage of German Naval Vessels

Date: February 3, 2026 (Arrests)

Location: Port of Hamburg, Germany

Key Actors: Two suspects (Romanian and Greek nationals), German Navy

  • Two suspects were arrested after attempting to sabotage German naval vessels, which included dumping abrasive gravel into a ship’s engine, puncturing water supply lines, and deactivating electronic safety switches.
  • The acts would have caused major damage and delayed departure, endangering German Navy operations.

Tactical Recommendations:

  • The incident suggests potential insider threat targeting European military assets, requiring heightened physical security and access control at critical naval port facilities.

Incident: Illegal Crude Oil Transfer Arrest

Date: January 29, 2026 (Interception)

Location: North of the Port of Penang, Malaysian Waters

Key Actors: Malaysian Maritime Enforcement Agency (MMEA), Two Unnamed Tankers, 53 Crew members (Chinese, Burmese, Indian, Pakistani, Iranian nationals)

  • MMEA detained two tankers anchored together for the alleged illegal transfer of crude oil, valued at approximately US$130 million.
  • The seizure aligns with intensified enforcement efforts against sanctions evasion and illicit activities in territorial waters.

💸 Financial Crimes

Incident: Russian Oil Sanctions Evasion via India and Shadow Fleet

Date: February 5, 2026

Location: India, China, Global Shipping Routes

Key Actors: Russia, India (Prime Minister Modi), China, Shadow Fleet

  • Russian oil sellers are increasingly turning to Chinese purchasers after India halted imports following a new trade deal with the U.S.
  • However, the agreement’s effectiveness is questioned as Russian crude may continue reaching India via non-Russian intermediaries and Russia’s “shadow fleet” of oil tankers.
  • The shadow fleet employs techniques such as ship-to-ship transfers, hiding location data, and complex ownership structures to obfuscate flows.

Tactical Recommendations:

  • Curtailing Kremlin oil income requires Washington to conduct sustained monitoring and enforcement rather than accepting verbal commitments.
  • Washington must clarify that any halt on purchases applies to oil bought directly from Russian companies AND barrels passing through non-Russian intermediaries.

Incident: Critical Mineral Stockpile Initiative (“Project Vault”)

Date: February 1, 2026 (Announcement Date)

Location: United States; Congo

Key Actors: U.S. Export-Import Bank (EXIM), Trump Administration, Ivanhoe Mines

  • “Project Vault,” a proposed $12 billion critical mineral stockpile initiative, was announced to counter China’s dominance in these markets.
  • The project uses private sector forward purchase commitments to guarantee future demand at fixed prices.
  • Ivanhoe Mines is in advanced talks to channel zinc-rich concentrate from its Kipushi mine in Congo to the United States under this scheme.

Incident: Venezuelan Oil Revenue and Qatari Transfer

Date: January/February 2026 (Ongoing)

Location: Venezuela, Qatar, United States

Key Actors: Trump Administration, Qatar, Venezuelan Acting President Delcy Rodríguez

  • The Trump administration is wiring Venezuelan oil revenue to Qatar following the U.S. capture of Nicolás Maduro.
  • The U.S. has returned $500 million from the initial oil sale to the Venezuelan government.

🔫 Crime or Organized Crime

Incident: Cuban Organized Crime and Sex Trafficking

Date: Ongoing (Pronounced increase in the last two years)

Location: Multiple U.S. states

Key Actors: Cuban Organized Crime Networks

  • The U.S. is seeing a pronounced increase in Cuban females being trafficked in commercial sex markets, fueled by Cuban Organized Crime threats.
  • The scale, structure, and coordination of these trafficking networks have intensified over the last two years.

Incident: Major Cocaine Shipment Seizure

Date: January 2026 (Seizure); 2026-02-03 (Stranding)

Location: Rarotonga, Cook Islands (Avatiu International Secure Port)

Key Actors: MV Raider (Togo-flagged cargo ship), French Authorities, International Criminal Networks

  • French authorities seized 4.87 tonnes of cocaine from the cargo ship MV Raider in mid-January, reportedly destined for Australia.
  • The vessel later docked in Rarotonga under a distress call for engine repairs, and its 11-member crew (Honduran and Ecuadorian nationals) were placed under 24-hour security.

Incident: Domestic Arson and Smuggling

Date: January 28, 2026 (Sentencing); August 2025 (Conviction)

Location: Arizona, California, El Paso Sector (U.S. Border)

Key Actors: Truck driver, ICE Homeland Security Investigations

  • A truck driver received a decade-long federal prison sentence for separate arson attacks on Swift trailers in Arizona, having previously been jailed for similar attacks in California.
  • A Texas man was sentenced for his role in a cross-border tunnel smuggling conspiracy following an ICE Homeland Security Investigations El Paso investigation.
  • U.S. Customs and Border Protection maintains a 100-percent prosecution rate for anyone attempting unlawful entry along the El Paso Sector border, including construction zones.

❌ Activism/Terrorism

Incident: Mass Fatalities in Nigeria

Date: February 4, 2026

Location: Two villages in western Nigeria

Key Actors: Gunmen, Nigerian Red Cross

  • Gunmen killed more than 160 people in attacks on two villages in western Nigeria, making it one of the country’s deadliest attacks in recent years.

Incident: Congo Rebel Drone Attack Claim

Date: Weekend prior to February 5, 2026

Location: Airport serving Kisangani, Democratic Republic of the Congo

Key Actors: AFC/M23 rebel movement leader

  • The leader of the AFC/M23 rebel movement claimed responsibility for launching eight explosive-laden drones targeting the Kisangani airport.
  • All eight drones were shot down before reaching their target.

Incident: Use of Chemical Agents in Civil Disturbances

Date: Ongoing

Location: United States

Key Actors: Federal Law Enforcement Agencies

  • The use of chemical agents by federal law enforcement officers to manage civil disturbances has increased significantly due to an ever-increasing number of public protests.

Incident: Explosion at Warsaw Airport

Date: February 4, 2026

Location: Warsaw’s Chopin Airport, Poland (near 1st Airlift Base)

Key Actors: Unidentified actors

  • An unidentified item exploded inside a garbage truck parked on a service ramp near the 1st Airlift Base (Polish Air Force transport unit).

Incident: Security & Aviation Measures

Date: Ongoing

Location: U.S. Airports

Key Actors: TSA, FBI’s LAX JTTF, CBP

  • A replica pipe bomb discovered in a checked bag at Boise Airport topped the TSA’s 2025 list of most unusual items detected.
  • TSA issued Super Bowl LX travel tips ahead of the game set for February 8 at Levi’s Stadium in Santa Clara, CA.
  • CBP released new travel guidance ahead of the FIFA World Cup 2026™, which begins June 12 in Los Angeles.