Please consider updating your browser. Some parts of the website may not function as intended.

“Wormhole” Wormable Zero-Click Vulnerability in Microsoft Teams

Microsoft teams vulnerability

A Security Engineer at Evolution Gaming has discovered a Cross-site Scripting (XSS) vulnerability on the teams.microsoft.com domain. This could be abused to trigger a Remote Code Execution (RCE) flaw in the Microsoft Teams Desktop Application. According to the researcher, an attacker simply needs to send a specially crafted message to any Teams user or channel […]

Risk Crew