Trellix Source Code Repository Breached in Suspected Supply Chain Attack

Trellix confirms source code breach linked to hacker groups. Investigation ongoing, no compromise in code release found.

By Content Team

May 4, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Cybersecurity firm Trellix confirmed a breach of part of its source code repository, though details remain scarce. The company is working with forensic experts and has notified law enforcement. Trellix says there's no evidence its code release process was compromised or that the source code was exploited — but a full investigation is still underway.

The breach may tie into a broader supply chain campaign linked to hacker groups TeamPCP and Lapsus$, which also hit Checkmarx, Aqua Security, and Bitwarden. Attackers reportedly compromised CI/CD pipelines to push malicious updates and steal credentials at scale.

Source: SecurityWeek

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Ransomware Groups Targeting Industrial Systems Surge 49% in 2025

Feb 18, 2026

Foster City Declares Emergency After Ransomware Attack Shuts Down City Network

Mar 25, 2026

Chinese Hackers Hijacked Notepad++ Updates Through Hosting Provider Compromise

Feb 2, 2026

Critical Cisco Zero-Day Exploited by Chinese Hackers Targeting Infrastructure

Jan 17, 2026