Earlier, in August 2022, Vectra researchers discovered an attack path that let attackers with file system access to steal credentials for any Microsoft Teams user who is signed in.
Reports say the attackers don’t require permissions to read these files and it impacts all commercial and GCC Desktop Teams clients for Windows, Mac, and Linux. Vectra reported this issue to Microsoft but they said it did not meet their bar for immediate servicing.
https://cybersecuritynews.com/security- ... oft-teams/