ON 8 May 2026, RansomHouse claimed responsibility for the Trellix breach, adding the security firm to its Tor data leak site and publishing screenshots they allegedly show access to internal Trellix systems. The article notes that in early May Trellix disclosed unauthorized access to part of its source code repository and that the company began an investigation with forensic experts and notified law enforcement.
Trellix says there is no evidence that its source code release or distribution process was affected, or that its source code has been exploited. The piece also explains that attackers may study the code to find vulnerabilities or plan targeted attacks, with potential consequences including intellectual property theft and supply chain risks.
RansomHouse is described as a cyber extortion group that emerged in 2021 and targets large organisations worldwide, often exploiting exposed services, weak credentials, phishing, and vulnerable remote access. The article includes a Trellix update quoting the company’s assurance that its investigation is ongoing. according to Security Affairs.