Trellix disclosed that attackers gained unauthorized access to a portion of its source code repository and is working with outside forensic experts and law enforcement to investigate. The company says it has found no evidence so far that the code was altered or exploited, and the incident follows recent supply-chain and repository breaches affecting Checkmarx, Cisco, and HackerOne/Navia. #Trellix #LAPSUS$
Keypoints
- Trellix identified unauthorized access to part of its source code repository.
- External forensic experts and law enforcement have been engaged to investigate.
- No evidence so far that the accessed source code was altered or exploited.
- Trellix serves over 50,000 business and government customers and protects more than 200 million endpoints.
- Similar recent incidents include LAPSUS$ leaking Checkmarx data, Ciscoβs Trivy-related breach, and the HackerOne/Navia compromise.