Trellix Confirms Source Code Repository Breach

Trellix announced on May 2 that unauthorized parties accessed parts of its internal source code repositories; the company engaged external security experts and informed authorities. While Trellix says there is no evidence its software distribution was compromised or that leaked code has been used in attacks, the breach of a vendor that supplies EDR/XDR to governments and banks creates supply-chain and detection-bypass concerns as the investigation continues.