Threat-Intelligence

Teams Vulnerability Allows Microsoft Defender Bypass Through Guest Access

Ontinue security researchers have discovered a “cross-tenant blind spot” in Microsoft Teams that allows attackers to bypass Microsoft Defender for Office 365 protections using the guest access feature. The problem is that when a user operates as a guest in an external tenant, their security protections are determined entirely by the hosting environment, and not by the security policies of their home organization. This fundamental architectural gap opens the door to attack scenarios where users become unprotected guests in a malicious environment controlled by the attacker. ...

November 28, 2025 · Comfidentia

RomCom Uses SocGholish to Distribute Mythic Agent in Attack on Engineering Company

Threat actors linked to the RomCom group have been observed using the SocGholish JavaScript loader to deliver the Mythic Agent to a US-based civil engineering company. This event marks the first time that a RomCom payload distributed through SocGholish has been detected. The attack has been attributed with medium-high confidence to Unit 29155 of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). The targeted entity is a company that had previously worked for a city with close ties to Ukraine. ...

November 26, 2025 · Comfidentia
Español English