Trellix Confirms Source Code Repository Breach Affecting Cybersecurity Giant Protecting 200M+ Endpoints

Trellix — the cybersecurity company formed from the McAfee Enterprise and FireEye merger — disclosed unauthorized access to a portion of its source code repository. The company, which protects over 200 million endpoints across 50,000+ business and government customers, stated no evidence was found that source code was exploited, altered, or that distribution pipelines were compromised. Trellix engaged external forensic experts and notified law enforcement. The attacker's identity and duration of access remain unknown. This echoes similar breaches at Microsoft, Okta, and LastPass in recent years.