Cybersecurity firm Trellix discloses source code repository breach
Trellix revealed that attackers gained unauthorized access to a portion of its source code repository. The company immediately engaged forensic experts, notified law enforcement, and stated there is no evidence the code was released, distributed, or exploited. No customer data theft was reported.
- portion of source code
What happened
On May 4, 2026, cybersecurity vendor Trellix publicly disclosed that attackers had gained unauthorized access to a portion of its internal source code repository. The company stated that it detected the intrusion promptly, engaged third-party forensic investigators, and notified law enforcement. Trellix emphasized that it found no evidence the accessed code had been exfiltrated, published, distributed, or used in any subsequent attacks.
The breach was limited to source code and did not involve customer environments, according to the company’s disclosure. No customer data was reported stolen, and Trellix has not identified any active exploitation of the exposed material. The incident highlights the persistent reality that even organizations whose core business is cybersecurity remain targets for sophisticated actors seeking intellectual property or potential footholds.
Want the rest of this breakdown?
Sign up free to keep reading. Members get extended access, the weekly breach digest, and a complimentary Warden™ to see if their identity is exposed in the breaches we cover.
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →