A recent Varonis report exposes a rising threat: cyber criminals exploiting Microsoft OneNote to launch “native” phishing campaigns via Microsoft 365. OneNote is a well-established digital note-taking app that provides a single place for keeping users' reminders, research and project information. These attacks exploit trust in legitimate collaboration tools, combining social engineering and cloud infrastructure to bypass traditional defenses. This new attack vector uses shared OneNote notebook