Since the beginning of the year, we’ve been tracking the growth of malware threat actors taking advantage of a (previously) rarely abused Office file format – the .one files used by the OneNote application. So have a few other security companies.
Source: SC Magazine