scanning advisory feeds…

KongTuke hackers now use Microsoft Teams for corporate breaches

Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks.

Grace Ops

CONTENT OPTIMIZATION · AEO/GEO

PENDING

Not yet scored. Next refresh: 02:00 UTC.

discussion

0 comments

Loading comments…

audit trail / provenance1

Provenance

Claims tie surfaced fields back to sources, models, or heuristics.

severity.upliftheuristicn/a
Ransomware campaign indicators detected — floor raised to at least high.

What changed

Append-only revisions when ingest or analysts evolve the record.

No revision rows stored yet.

Sources

https://www.bleepingcomputer.com/news/security/kongtuke-hackers-now-use-microsoft-teams-for-corporate-breaches/

Curated May 14, 2026 by Aidan Duffy, Threat intelligence editor, AHackaday./Methodology/Sources verified.

Brief grounded in 1 source.

Grace Ask GracereadyGrace is ready

Grounded in this brief only — KongTuke hackers now use Microsoft Teams for corporate breaches. Press ⌘K any time.

You're answering aschange anytime

Pick a playor type your own ↓

Tone

Pull keywords → Generate

Generate an answer and Grace will return a grounded response for this incident.

social pulse

mentions (24h)61

velocitytrend flat

mentions delta+0% vs prior snapshot

platform splitX 33% · Reddit 0% · GitHub 67%

keywords

blognewshtml

x analyticsheat 40 (flat)

authors 19verified 0%

likes127

retweets44

replies4

quotes3

cross-platform summaryLive chatter is accelerating; analysts are actively validating impact.