Avanan's research into how malicious files are being spread in Microsoft Teams was featured in BleepingComputer. Hackers are attaching .exe files to Teams conversations. These files can then take over a user's computer. As BleepingComputer writes:
The method used to gain access to Teams accounts remains unclear but some possibilities include stealing credentials for email or Microsoft 365 via phishing or compromising a partner organization.
Automatic analysis of the malware distributed this way shows that the trojan can establish persistence through Windows Registry Run keys or by creating an entry in the startup folder.
It also collects detailed information about the operating system and the hardware it runs on, along with the security state of the machine based on the OS version and the patches installed.
Read the rest of the article at BleepingComputer.