Trellix reported a security flaw that impacted part of its source code repository, but the company states there is no evidence of code being used wrongly. It quickly started a probe with experts and informed the law enforcement agency.

By infosecbulletin
/ Tuesday , July 14 2026
Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
By infosecbulletin
/ Sunday , July 12 2026
Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
By infosecbulletin
/ Sunday , July 12 2026
Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
By infosecbulletin
/ Sunday , July 12 2026
A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
By infosecbulletin
/ Saturday , July 11 2026
CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
By infosecbulletin
/ Friday , July 10 2026
Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
By infosecbulletin
/ Friday , July 10 2026
A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
By infosecbulletin
/ Thursday , July 9 2026
A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
By infosecbulletin
/ Wednesday , July 8 2026
CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
By infosecbulletin
/ Wednesday , July 8 2026
A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
“Trellix recently identified unauthorized access to a portion of our source code repository. Upon learning of this matter, we immediately began working with leading forensic experts to resolve it. We have also notified law enforcement.” reads the update published by the security firm. “Based on our investigation to date, we have found no evidence that our source code release or distribution process was affected, or that our source code has been exploited. As part of our commitment to our broader security community, we intend to share further details as appropriate once our investigation is complete.”
The company did not say who did the attack or how he did it. It is not clear how long the attackers had access to the repository.
Unauthorized access to a part of a source code can reveal important details, APIs, or passwords. Attackers might look at the code to find weaknesses, create attacks, or plan specific strikes. This can also result in stolen ideas, damage to reputation, and risks to the supply chain if changed code is shared with customers or partners.
Source code repositories are main targets for attackers who want to find weak spots, insert backdoors, or carry out supply chain attacks on customers.
The event is like other big code hacks that hit Microsoft, Okta, and LastPass in the last few years. Trellix has pledged transparency, stating it intends to share further technical details with the broader security community once its investigation concludes.