Security researchers have discovered a critical vulnerability in Microsoft Teams that allows attackers to bypass all Defender for Office 365 protections by inviting users into malicious tenant environments.
The flaw exploits a fundamental architectural gap in how Teams handles cross-tenant collaboration and guest access.
The vulnerability centers on a critical misunderstanding held by most security teams. When employees accept guest invitations to external Teams tenants, they lose all security protections provided by their home organisation.
https://gbhackers.com/microsoft-teams-guest-chat-flaw/