www.securityweek.com 5/4/2026, 5:51:31 PM · via preferred

Hackers breach Trellix source code repo, law enforcement notified

Hackers breach Trellix source code repo, law enforcement notified
Developing story campaign 5 articles tracked
Trellix suffers source code repository breach
CyberSIXT Evidence Panel
Primary Source trellix.com
Threat Actor

ACCORDING to Trellix, a part of its source code repository was recently breached, and the company is working with forensic experts as law enforcement has been notified. The cybersecurity firm says, based on its investigation to date, there is no evidence that its source code release or distribution process was affected, or that the source code has been exploited.

The breach has prompted Trellix to promise additional details once the probe is complete, with speculation about the exact window of intrusion and the culprits continuing in the meantime. The timing hints that the incident may be related to a wider supply chain attack targeting open source software to access multiple companies, security researchers say.

SecurityWeek notes the campaign has been linked to profit‑driven hacker groups TeamPCP and Lapsus$, which have exploited CI/CD pipelines to distribute trojanized updates and malicious extensions, enabling large‑scale exfiltration of credentials and source code from affected environments. The report is dated 4 May 2026.

View Primary Source Via www.securityweek.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline