Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

RedKitten

Iran-linked RedKitten campaign uses AI-generated macros to deploy SloppyMIO backdoor

Cybercrime, News, Research

February 2, 2026

A HarfangLab technical analysis links a January 2026 campaign to an Iran-aligned actor using macro-laced Excel files to deploy the SloppyMIO backdoor that retrieves configuration via GitHub and exfiltrates via Telegram.

About
Editorial Policy
Privacy
Contact