BOTTOM LINE UP FRONT (BLUF)
Geopolitical tensions have translated into a confirmed cyber intrusion targeting major global Critical Infrastructure (CI) supply chain organizations in the last 24 hours, alongside highly lethal terrorist attacks in West Africa that killed high-ranking government officials. The threat environment remains defined by state-nexus cyber espionage and transnational organized crime exploiting digital assets.
GLOBAL INCIDENT AND THREAT BRIEFING (25-HOUR SYNTHESIS)
👻 Activism/Terrorism
Date: 2026-04-28
Location: Bamako, Mali
Key Actors: Terrorist organizations (Unspecified), Government of Mali
Key Facts:
- Multiple terrorist attacks were reported across several locations in Mali.
- The attacks resulted in the death of General Sadio Camara, Minister of Defence and Veteran Affairs of Mali.
- The U.S. Embassy issued a security alert warning of possible terrorist movements within Bamako, advising citizens to shelter in place and avoid unnecessary travel.
- Incidents included reports of forced school closures.
Security & Recommendations:
- Organizations operating in West Africa should elevate physical security postures, particularly for high-profile personnel and key facilities.
- Review and enforce crisis communication plans and shelter-in-place protocols for staff in Bamako and surrounding areas.
🕷️ Critical Infrastructure & Geopolitical Cyber
Date: 2026-04-28 (Report Published); Intrusion began April 13, 2026
Location: Global operations (Impact to 7,700 utility providers in 100 countries)
Key Actors: Unspecified Cyber Threat Actor; Itron (Utility Supplier)
Key Facts:
- A major critical infrastructure supplier, Itron, reported a cyberattack and unauthorized activity within its corporate systems.
- Itron provides devices that analyze energy and water use and has contracts with over 7,700 utility providers globally.
- The company discovered the intrusion on April 13 and took immediate action to remove the unauthorized activity.
- Itron claims the cyberattack did not disrupt operations, and costs are expected to be covered by insurance.
Security & Recommendations:
- CI operators utilizing Itron technology or similar third-party suppliers must validate the security posture of these supply chain dependencies.
- Enhance monitoring for anomalous traffic stemming from third-party vendor connections, focusing on potential lateral movement within the environment.
🔌 Geopolitical Cyber (Ongoing Threat)
Date: Ongoing, since at least March 2026
Location: United States Critical Infrastructure Sectors (Energy, Water, Government Services)
Key Actors: Iranian-Affiliated Advanced Persistent Threat (APT) actors (e.g., CyberAv3ngers)
Key Facts:
- Iranian-affiliated APT actors are actively exploiting internet-facing Operational Technology (OT) devices, primarily Programmable Logic Controllers (PLCs) manufactured by Rockwell Automation/Allen-Bradley.
- Activity involves maliciously interacting with project files and manipulating data on Human Machine Interface (HMI) and Supervisory Control and Data Acquisition (SCADA) displays.
- Impacted organizations have experienced operational disruption and financial loss.
- The intent is assessed to be causing disruptive effects within the United States CI.
Security & Recommendations:
- Limit or eliminate external access to PLCs from the internet.
- Implement robust network segmentation between IT and OT environments.
- Review logs for suspicious traffic related to the Indicators of Compromise (IoCs) provided by CISA and federal partners.
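
One way to check the first two recommendations above against firewall or flow logs, as an added example that is not part of the original briefing. The subnets, jump host address, log format and sample records are assumptions constructed for illustration; TCP 44818 and UDP 2222 are the standard EtherNet/IP ports used by Rockwell Automation/Allen-Bradley controllers.

```python
import ipaddress

# Assumed for this example (none of these values come from the briefing):
OT_NET = ipaddress.ip_network("10.20.0.0/24")      # hypothetical PLC subnet
IT_NET = ipaddress.ip_network("10.10.0.0/16")      # hypothetical corporate IT range
JUMP_HOSTS = {ipaddress.ip_address("10.10.5.10")}  # hypothetical approved IT-to-OT jump host
# EtherNet/IP, spoken by Rockwell Automation/Allen-Bradley PLCs:
# TCP 44818 (explicit messaging) and UDP 2222 (implicit I/O).
ENIP_PORTS = {("tcp", 44818), ("udp", 2222)}

# Constructed flow records: timestamp src dst proto dport action
SAMPLE_LOG = """\
2026-04-28T01:02:03Z 10.20.0.50 10.20.0.11 tcp 44818 allow
2026-04-28T01:05:10Z 203.0.113.7 10.20.0.11 tcp 44818 allow
2026-04-28T01:06:44Z 10.10.5.10 10.20.0.11 tcp 44818 allow
2026-04-28T01:09:30Z 10.10.8.21 10.20.0.12 tcp 44818 allow
2026-04-28T01:11:00Z 198.51.100.9 10.20.0.12 udp 2222 deny
2026-04-28T01:12:00Z 10.10.8.21 10.10.9.9 tcp 443 allow
malformed line
"""

def classify(line):
    """Return (ts, src, dst, reason, action) for a policy violation, else None."""
    parts = line.split()
    if len(parts) != 6:
        return None  # skip malformed records rather than crash mid-review
    ts, src, dst, proto, dport, action = parts
    try:
        src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        port = int(dport)
    except ValueError:
        return None
    if dst_ip not in OT_NET or (proto.lower(), port) not in ENIP_PORTS:
        return None  # not PLC-protocol traffic into the OT subnet
    if src_ip in OT_NET or src_ip in JUMP_HOSTS:
        return None  # expected: intra-OT traffic or the approved jump host
    reason = "it-bypasses-jump-host" if src_ip in IT_NET else "external-source"
    return (ts, src, dst, reason, action)

def review(log_text):
    """Classify every record; permitted external hits sort first as the most urgent."""
    hits = [f for f in map(classify, log_text.splitlines()) if f]
    return sorted(hits, key=lambda f: (f[3] != "external-source", f[4] != "allow", f[0]))

if __name__ == "__main__":
    for ts, src, dst, reason, action in review(SAMPLE_LOG):
        print(f"{ts} {src} -> {dst} {reason} ({action})")
```

An `external-source` record with action `allow` means a PLC is reachable from outside the organization; an `it-bypasses-jump-host` record means the IT/OT boundary is not being enforced at the approved choke point.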
💰 Crime or Organized Crime / Financial Crimes
Date: 2026-04-28 (Guilty Plea Announced)
Location: United States
Key Actors: Damon Jones (Former NBA Player/Coach), Organized Crime Networks
Key Facts:
- Former NBA player Damon Jones pleaded guilty to charges related to his participation in fraudulent sports betting and rigged poker conspiracies.
- This conviction highlights criminal enterprises' use of high-profile sports and entertainment figures to facilitate illegal financial schemes.
Security & Recommendations:
- Financial institutions must increase vigilance on transactions associated with high-stakes gambling and digital asset movements lacking clear sourcing or justification.
- Implement enhanced monitoring for suspicious activities potentially linked to insider trading or manipulation within sports betting markets.
