Trellix discloses unauthorized access to source code repo

Trellix confirmed it recently detected unauthorized access to a portion of its source-code repository. The company notified law enforcement and engaged outside forensic experts. So far, investigators have found no evidence that code was released or exploited.

Trellix described the intrusion as recent and engaged forensic teams to determine what data may have been accessed and how attackers gained entry. The company did not identify which parts of the repository were affected, how long access lasted, or who may be responsible.

Trellix has found no evidence that its source code release or distribution process was affected or that its code has been exploited, according to the company’s statement.

Company officials declined to disclose technical details, including the method of access, whether systems beyond the repository were affected, or whether customer data was exposed. Public remarks focused on containment and ongoing investigation steps.

Trellix was formed in January 2022 after the merger of McAfee Enterprise and FireEye and is owned by Symphony Technology Group. The firm provides threat detection and response products used by enterprises and service providers. Mandiant, which had been part of the FireEye business, was sold separately to Google for $5.4 billion.

The company will continue working with forensic specialists and law enforcement and will update stakeholders as findings become available. Customers were urged to follow any guidance from Trellix security teams and to monitor for related suspicious activity.