Cybercriminals are leveraging Microsoft Teams for a new malware campaign, using group chat requests to push DarkGate malware payloads. The attackers may have exploited a compromised Teams user to send over 1,000 malicious invites. Once installed, the malware contacts its command-and-control server, identified as part of the DarkGate infrastructure by Palo Alto Networks. Disabling External Access in Teams is advisable, according to AT&T Cybersecurity. DarkGate has various capabilities, including a VNC, Windows Defender bypass tools, a browser history theft tool, a reverse proxy, a file manager, and a Discord token stealer.