
Trellix Source Code Repository Breached

The cybersecurity firm’s investigation has not found any impact on its source code release or distribution process.

Fixed Intel Team

Aggregated from SecurityWeek


Full Analysis

Cybersecurity company Trellix says a part of its source code repository was recently breached, but shared little other information about the incident.

Trellix said it has been working with forensic experts to investigate the intrusion, and law enforcement has been notified. 

“Based on our investigation to date, we have found no evidence that our source code release or distribution process was affected, or that our source code has been exploited,” Trellix said in a statement.

The security firm has promised to share additional details after it completes its probe. 

Until then, the industry is left to speculate on the exact window of intrusion, who was behind the attack, and which specific products had their source code exposed.

The timing, however, suggests the breach may be related to a major supply chain attack targeting various open source applications to gain access to numerous companies. 


Linked to the profit-driven hacker groups TeamPCP and Lapsus$, this campaign has impacted several cybersecurity firms, including Checkmarx, Aqua Security, and Bitwarden.

The hackers exploited trust in software development and security infrastructure, compromising CI/CD pipelines to distribute trojanized updates and malicious extensions, which enabled large-scale exfiltration of credentials and source code from affected enterprise environments.



Originally published by SecurityWeek
