Cybersecurity firm Trellix has disclosed a data breach after unauthorized actors gained access to a portion of its internal source code repository, raising concerns about potential downstream risks in the software supply chain.
The company confirmed that the incident involved unauthorized access to parts of its development environment. Upon detection, Trellix said it initiated an investigation with external forensic experts and notified law enforcement authorities.
According to the company, the breach was limited in scope. Trellix stated that its ongoing investigation has found no evidence that its source code distribution or release processes were compromised. It also said there are no indications that the accessed code has been actively exploited.
The firm did not disclose how attackers gained access or how long they may have remained inside the environment. It has also not confirmed whether any data was extracted or publicly shared, leaving uncertainty around the full impact of the incident.
Source code repositories are considered high-value targets in cyberattacks. Access to such environments can allow threat actors to study software architecture, identify vulnerabilities, or attempt supply chain attacks by inserting malicious code into trusted systems.
Security analysts note that even limited exposure can carry risks, particularly for companies operating in the cybersecurity sector. Trellix provides endpoint security and threat detection tools to thousands of enterprise customers, meaning any compromise of internal code could have broader implications if misused.
The incident comes amid a wider trend of attacks targeting development infrastructure and software supply chains. Recent breaches involving other technology companies have shown that attackers increasingly focus on repositories, build systems, and developer credentials as entry points into enterprise environments.
Trellix said it continues to monitor the situation and will provide updates as the investigation progresses. For now, the company maintains that there is no evidence of product tampering or impact to customer-facing systems, though the full scope of the breach remains under review.