Snowflake has issued a warning to its cloud customers about a targeted credential theft campaign. Hackers are using information-stealing malware to obtain credentials and compromise accounts that do not use multifactor authentication (MFA). The company urges customers to enable MFA immediately to protect their accounts. This alert, issued over the weekend, follows a broader trend of sophisticated cyber attacks, including a multi-stage malware attack in Ukraine that uses MS Excel macros to deploy Cobalt Strike, a penetration testing tool often repurposed for malicious activities. Additionally, hundreds of Snowflake customer passwords have been found online linked to this malware.