Overview
- Trellix was added to the RansomHouse leak site with screenshots that purport to show access to internal services and management dashboards.
- Trellix says its probe has found no sign that builds or software updates were tampered with or that its source code was exploited.
- The company is working with forensic specialists and has alerted law enforcement as it continues the investigation.
- RansomHouse claims it encrypted data during the intrusion, though the authenticity of the posted screenshots has not been verified by independent reporters.
- SecurityWeek notes a possible tie to a broader supply‑chain campaign linked to TeamPCP and Lapsus$, but no connection has been confirmed.