According to Infosecurity Magazine, a leading US cybersecurity vendor has been breached by threat actors who accessed its source code. Trellix disclosed the incident on May 4 and stated that it has notified law enforcement and is working with leading forensic experts to determine exactly what happened.
Trellix said that it identified unauthorized access to a portion of its source code repository, and that, based on its investigation to date, there is no evidence that the source code release or distribution process was affected, or that the source code has been exploited.
Trellix is the company formed from the merger of McAfee Enterprise and FireEye in 2021 after they were acquired by private equity firm Symphony Technology Group, and it sells threat intelligence and AI-powered detection and response services including NDR and EDR, as well as data security and email security.
Access to its source code could give threat actors a major advantage, warned Isaac Evans, founder of software security firm Semgrep, who described the potential implications for security tooling and update paths. It remains unclear who is responsible for the breach, with Trellix keeping details tight until the investigation is complete.