Trellix Source Code Breach – Hackers Gain Unauthorized Access to Repository

Cybersecurity giant Trellix has disclosed a significant security incident involving unauthorized access to a portion of its source code repository.

The company confirmed the breach in an official statement published on its website, stating it immediately engaged leading forensic experts upon discovering the intrusion.

Threat actors gained unauthorized access to part of Trellix’s internal source code repository — a highly sensitive target given the company’s position as a major endpoint security and extended detection and response (XDR) vendor.

Source code repositories are prime targets for attackers seeking to identify exploitable vulnerabilities, embed backdoors, or conduct supply chain attacks against downstream customers.

Trellix acted swiftly following the discovery, launching a formal investigation with external forensic specialists and notifying law enforcement authorities. According to the company’s statement, the investigation has so far found no evidence that:

• The source code release or distribution pipeline was compromised
• Any source code has been actively exploited in the wild
• Customer-facing products or security tools were tampered with

For a company whose products protect thousands of enterprise environments globally, even unauthorized read access to source code carries serious implications.

The incident echoes similar high-profile source code breaches affecting Microsoft, Okta, and LastPass in recent years.

Trellix has pledged transparency, stating it intends to share further technical details with the broader security community once its investigation concludes.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Trellix Source Code Breach – Hackers Gain Unauthorized Access to Repository appeared first on Cyber Security News.