Microsoft OneNote is among the note-taking applications targeted by the Perseus Android banking trojan for credential and cryptocurrency recovery phrase extraction via Accessibility Services abuse; as with other targeted apps, the risk is user behavior rather than a product vulnerability, and no patch is applicable. Organizations with mobile workforces using OneNote on Android for credential storage should issue immediate advisory guidance and enforce MDM policy restricting Accessibility Service grants to approved applications.