ALL POSTS

Background The RedKitten cyber campaign is suspected to be linked to Iranian state interests and is targeting non-governmental organizations (NGOs) and individuals involved in documenting recent human rights abuses in Iran. The campaign was observed by the French cybersecurity company HarfangLab in January 2026, coinciding with the nationwide unrest in Iran that began towards the end of 2025. The unrest in Iran was sparked by soaring inflation, rising food prices, and currenc

Key Findings Iran has imposed a nationwide internet blackout amid widespread protests, severely restricting global connectivity. However, a limited surge of traffic was detected from select Iranian academic institutions, suggesting potential "whitelisting" tests. The fluctuations in connectivity for these academic networks indicate a strategic assessment of restricting global access to a limited elite. Tehran accounted for the majority of the observed academic traffic, likely