ctipilot.ch

Trellix source code repository breach — vendor confirmed, scope undisclosed, supply-chain integrity question open

From CTI Weekly Summary — 2026-W19 (May 04 – May 10, 2026) · published 2026-05-11

Trellix, a major endpoint-security / XDR vendor serving enterprise and government customers globally, confirmed on 2026-05-04 that an unauthorised party accessed a portion of its internal source code repository. The company engaged external forensic specialists and notified law enforcement; Trellix stated no evidence was found that its product code-release or distribution pipeline was affected and no evidence the accessed code was exploited or altered. The initial access vector, duration of access, scope of repositories affected, and customer data impact have not been disclosed (BleepingComputer, 2026-05-04 · The Hacker News, 2026-05-04 · daily 2026-05-06).

Defender takeaway: organisations running Trellix endpoint or XDR products should maintain elevated scrutiny on Trellix software updates until the forensic investigation publicly concludes; the supply-chain integrity question — could the accessed code be re-used by an attacker for bug discovery or implant tailoring? — remains unresolved.