An initial access broker associated with the Payouts King ransomware group is using Microsoft Teams phishing to deploy a malicious Microsoft Edge web browser extension, according to researchers at Zscaler. Once the hackers have a foothold within an organization, they sell the access to the ransomware gang to conduct follow-on attacks.