A tool labeled TeamsPhisher was published recently on GitHub by a member of the U.S. Navy red team in an attempt to highlight and resolve a security issue within the business communication platform Microsoft Teams.
The tool works to bypass and exploit Microsoft Teams to allow unsolicited external files to be sent, allowing hackers to send messages to anyone despite not being a part of the recipient’s organization.