Microsoft Teams
-
MuddyWater linked to Microsoft Teams intrusion that used Chaos ransomware branding
A Rapid7 technical analysis says MuddyWater used Microsoft Teams, screen-sharing and remote access tools in an early 2026 intrusion that looked like Chaos ransomware but focused on data theft and persistence.
-
UNC6692 Uses Microsoft Teams Help Desk Impersonation to Push Custom Malware
UNC6692 used Microsoft Teams help desk impersonation, email bombing and a custom malware chain to target corporate users, according to Mandiant. The activity included credential harvesting, remote access, tunneling and later-stage network movement.
-
Silver Fox uses fake Microsoft Teams installers in false-flag ValleyRAT campaign
Security researchers report that the Silver Fox group has run an SEO poisoning campaign since November 2025 that uses fake Microsoft Teams installers to deliver ValleyRAT to organisations in China; technical analysis from ReliaQuest and Nextron Systems details layered infection chains, false-flag indicators and the use of vulnerable drivers.
-
US Air Force investigating ‘privacy-related issue’ after alleged SharePoint notice
The Department of the Air Force is investigating a “privacy-related issue” after an alleged notice said USAF SharePoint permissions exposed PII and PHI and that SharePoint, Teams and Power BI might be blocked; officials have provided limited confirmation and Microsoft declined to comment.
-
Fake Microsoft Teams installers promoted in search ads deliver Oyster backdoor, researchers say
Search ads and SEO poisoning have been used to promote fake Microsoft Teams installers that deliver the Oyster backdoor to Windows machines, researchers said; the trojanized installer drops a DLL and creates a scheduled task for persistence.
-
Cybersecurity Researchers Uncover Advanced Matanbuchus 3.0 Malware Targeting Microsoft Teams
Cybersecurity experts have identified a new variant of the Matanbuchus malware that exploits Microsoft Teams. This advanced loader has sophisticated stealth capabilities, enhancing its potential for evading detection and targeting company employees through social engineering tactics.
