Crooks found a new way to collaborate using Teams, by hiding C&C traffic

Cybercriminals have been observed hiding command-and-control (C2) traffic within Microsoft Teams collaboration channels, abusing legitimate API endpoints to evade detection. The technique allows attackers to issue commands and exfiltrate data while blending in with normal enterprise communication traffic.