Trellix discloses data breach after source code repository hack

Trellix discloses data breach after source code repository hack By Sergiu Gatlan May 4, 2026 12:25 PM 1 Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository. Trellix is a global cybersecurity company formed from the October 2021 merger of McAfee Enterprise and FireEye. It provides services to over 50,000 business and government customers worldwide, protecting more than 200 million endpoints. According to an official statement updated on Monday, the company is now investigating the incident with the help of outside forensic experts. At the moment, Trellix said it has yet to find evidence that the threat actors have exploited or altered the source code they accessed. "Trellix recently identified unauthorized access to a portion of our source code repository. Upon learning of this matter, we immediately began working with leading forensic experts to resolve it," Trellix says. "We have also notified law enforcement. Based on our investigation to date, we have found no evidence that our source code release or distribution process was affected, or that our source code has been exploited." A Trellix spokesperson shared the same statement when BleepingComputer asked for more details about the breach, including when it was detected, whether the attackers had also stolen corporate or customer data, and whether they had sent a ransom demand. While Trellix has yet to reply to a subsequent email requesting more information regarding this security incident, the company says in its official statement that it intends "to share further details as appropriate" after the investigation ends. Trellix isn't the first cybersecurity company whose systems were breached since the start of the year. Application security company Checkmarx confirmed last week that the LAPSUS$ hacking group leaked data stolen from its private GitHub repository, while Cisco revealed last month that hackers breached its internal development environment and stole source code using credentials compromised in the recent Trivy supply chain attack. Bug bounty platform HackerOne also notified hundreds of employees in March that their personal information had been stolen by attackers who hacked Navia, one of its U.S. benefits administrators. 99% of What Mythos Found Is Still Unpatched. AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming. At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what's exploitable, proves controls hold, and closes the remediation loop. Claim Your Spot Related Articles: Dutch Finance Ministry takes treasury banking portal offline after breach Dutch Ministry of Finance discloses breach affecting employees Hackers steal $3.6 million from crypto ATM giant Bitcoin Depot CERT-EU: European Commission hack exposes data of 30 EU entities Medtech giant Stryker fully operational after data-wiping attack