https://www.live-feeds.com/feed/ransomware-gang-abuses-microsoft-teams-relays-to-hide-malicious-trafficContinuously updated, source-cited coverage. https://www.live-feeds.com/feed/ransomware-gang-abuses-microsoft-teams-relays-to-hide-malicious-traffichttps://www.live-feeds.com/feed/ransomware-gang-abuses-microsoft-teams-relays-to-hide-malicious-traffic#u2045Wed, 17 Jun 2026 02:12:21 +0000The DragonForce ransomware group is exploiting Microsoft Teams' TURN relay servers to conceal command-and-control (C2) traffic, marking the first known abuse of this infrastructure for malware operations. The attack uses a Go-based backdoor called Backdoor.Turn to blend malicious activity with legitimate Teams communications. Multiple reports confirm this as an active tactic, with some sources linking it to a previously unknown Huawei driver vulnerability. The technique allows attackers to bypass security defenses by masking their traffic as routine Teams relay activity.What's confirmed:D