Overview
- Trellix disclosed Monday that attackers gained unauthorized access to a portion of its private source code repository and said it began a forensic investigation after notifying law enforcement.
- The company says it has found no evidence so far that its code was altered or that its build and release systems, which turn code into software updates, were affected.
- Trellix has not shared technical details, leaving the timing of the breach, which products’ code was exposed, and who carried out the intrusion unresolved.
- Some researchers point to a broader supply‑chain campaign that has recently hit firms such as Checkmarx, Aqua Security, and Bitwarden, but any link to the Trellix breach remains unconfirmed.
- Access to source code can help attackers spot flaws, learn how detections work, and try to craft fake updates, which could pose downstream risks for customers if later abuse is found.