Trellix Discloses Security Breach of Code Repository

Trellix Discloses Security Breach of Code Repository 🚨

Trellix has disclosed a security breach affecting part of its source code repository. However, the company assures that there are no signs of code misuse. Following the discovery, Trellix promptly launched an investigation with forensic experts and notified law enforcement.

While the exact data accessed remains unclear, Trellix stated there is no evidence that its source code has been altered or exploited. In an official statement, Trellix mentioned:

“Trellix recently identified unauthorized access to a portion of our source code repository. Upon learning of this matter, we immediately began working with leading forensic experts to resolve it. We have also notified law enforcement.”

The statement continued:

“Based on our investigation to date, we have found no evidence that our source code release or distribution process was affected, or that our source code has been exploited. As part of our commitment to our broader security community, we intend to share further details as appropriate once our investigation is complete.”

The company has not disclosed who carried out the attack or how it was executed. Additionally, it remains unclear how long the attackers had access to the repository. Unauthorized access to a source code repository can expose sensitive logic, APIs, or credentials. Attackers may study the code to find vulnerabilities, create exploits, or plan targeted attacks. Such a breach can lead to intellectual property theft, reputational damage, and supply chain risks if tampered code is later distributed to customers or partners.

For more details, you can read the full article here.