KongTuke hackers have shifted their tactics to utilize Microsoft Teams as a vector for social engineering attacks, achieving persistent access to corporate networks in as little as five minutes. This new approach allows the initial access broker to bypass traditional security measures, highlighting the evolving nature of cyber threats. By leveraging Microsoft Teams, KongTuke hackers can move laterally within a network, potentially exploiting vulnerabilities such as unpatched CVEs or weak authentication protocols. The speed and efficacy of these attacks underscore the need for organizations to reassess their security protocols and implement robust defenses against social engineering tactics1. As a result, practitioners should be vigilant for potential downstream effects, including regulatory scrutiny and supply-chain disruptions, stemming from the compromised Microsoft ecosystem. This development matters to cybersecurity professionals because it signals a new wave of attacks that can infiltrate corporate networks through seemingly benign communication channels.