Trellix Confirms Source Code Breach With Unauthorized Repository Access - The Hacker News

Trellix Confirms Source Code Breach With Unauthorized Repository Access Ravie LakshmananMay 02, 2026Data Breach / Enterprise Security Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a "portion" of its source code. It said it "recently identified" the compromise of its source code repository and that it began working with "leading forensic experts" to resolve the matter immediately. It also said it has notified law enforcement of the matter. Trellix did not disclose the exact nature of the data that may have been accessed by the attackers. However, it pointed out that there are no indications that its source code has been affected or exploited. "Based on our investigation to date, we have found no evidence that our source code release or distribution process was affected, or that our source code has been exploited," the company added.  The company did not share any details about who may be behind the incident, and for how long the attackers had access to its systems. Trellix noted that additional information will be shared as appropriate once its investigation is complete. Owned by Symphony Technology Group, Trellix was founded in January 2022 following the merger of McAfee Enterprise and FireEye. Around the same time, Mandiant, which was owned by FireEye, was acquired by Google in a deal worth $5.4 billion. When reached for comment, a spokesperson for Trellix acknowledged the breach and shared the same official statement posted on its website. Update On May 7, 2026, a ransomware group known as RansomHouse claimed responsibility for the hack, listing the company on its data leak site. When contacted for comment, a Trellix spokesperson said they are "aware of claims of responsibility for the attack and are looking into it." It did not say if the two incidents were connected. Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share SHARE  Corporate security, cybersecurity, data breach, digital forensics, enterprise security, Incident response, law enforcement, software security, source code, Threat Investigation ⚡ Top Stories This Week PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories Day Zero Readiness: The Operational Gaps That Break Incident Response Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution The Hacker News Launches 'Cybersecurity Stars Awards 2026' — Submissions Now Open Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise ⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE and More Trellix Confirms Source Code Breach With Unauthorized Repository Access 2026: The Year of AI-Assisted Attacks 30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass Load More ▼ ⭐ Featured Resources [Guide] Get Practical AI SOC Insights to Improve Threat Detection [Demo] Stop Email Attacks and Protect Cloud Workspace Data Faster [Webinar] Learn How Autonomous Validation Keeps Pace With AI Attacks [Demo] Discover How to Control Autonomous Identity Risks Effectively