Attackers are using OneNote files to infiltrate systems by embedding malicious payloads, with OneNote becoming a popular option after macros were disabled. The attack is not new, with techniques ranging from phishing to sharing OneNote files, and payloads including RATs and information stealers.
Read full article on LogPoint