Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used to install further malware, steal passwords, or even cryptocurrency wallets.
Protection:
The best way to protect yourself from malicious attachments is to simply not open files from people you do not know. However, if you mistakenly open a file, do not disregard warnings displayed by the operating system or application.
If you see a warning that opening an attachment or link could harm your computer or files, simply do not press OK and close the application.
If you feel it may be a legitimate email, share it with a security or Windows admin to help you verify if the file is safe.
More information can be found here: