Microsoft’s endpoint and collaboration stack faces two distinct but reinforcing threats this week: AI-automated evasion testing targeting Microsoft Defender specifically, and TA4922’s active exploitation of Microsoft Teams as a voice phishing delivery vector for Atlas RAT deployment. Neither involves a patched CVE, but both erode the detection reliability of controls that enterprise security architectures treat as foundational. The combined implication is that Defender telemetry may be unreliable for tuned evasion variants at the same time that Teams is being weaponized to deliver the payloads that require that telemetry.