Microsoft Teams Flaws Allowed Attackers to Fake Identities, Rewrite Chats

Microsoft Teams vulnerabilities let attackers impersonate users, edit chat history, and spoof calls before Microsoft issued security fixes in late 2025.

Microsoft Teams, the communication platform used by hundreds of millions worldwide, has been found to contain serious security vulnerabilities that could have let attackers impersonate executives, alter chat histories, and fake notifications. The findings come from Check Point Research, which examined how both external guests and malicious insiders could exploit Teams’ trust-based design.