Trellix Confirms Source Code Breach With Unauthorized Repository Access

Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a “portion” of its source code.

It said it “recently identified” the compromise of its source code repository and that it began working with “leading forensic experts” to resolve the matter immediately. It also said it has notified law enforcement of the matter.

Trellix did not disclose the exact nature of the data that may have been accessed by the attackers. However, it pointed out that there are no indications that its source code has been affected or exploited.

“Based on our investigation to date, we have found no evidence that our source code release or distribution process was affected, or that our source code has been exploited,” the company added.

The company did not share any details about who may be behind the incident, and for how long the attackers had access to its systems. Trellix noted that additional information will be shared as appropriate once its investigation is complete.

Owned by Symphony Technology Group, Trellix was founded in January 2022 following the merger of McAfee Enterprise and FireEye. Around the same time, Mandiant, which was owned by FireEye, was acquired by Google in a deal worth $5.4 billion.

The Hacker News has reached out to Trellix for comment, and we will update the story if we hear back.

Trellix Confirms Source Code Breach With Unauthorized Repository Access

Comments

Leave a Reply Cancel reply

Trellix Confirms Source Code Breach With Unauthorized Repository Access

China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists

Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft