Trellix Source Code Repository Incident: What Defenders Should Know

Trellix disclosed that an unauthorized party accessed part of an internal source code repository; while the company engaged external forensics and law enforcement and reports no evidence of exploitation or impact to its release/distribution processes, many key details remain unknown (dwell time, initial access, which components, exfiltration or secrets exposure, and attribution). The report outlines risks to defenders from source-code access and provides immediate recommendations for customers, including vendor incident reviews, heightened monitoring of Trellix-related activity, and tighter update integrity practices.