
Who Is Trellix — And Why Does This Matter?
Before the breach can be understood, the target must be. Trellix is not a small startup. It is the product of one of the largest consolidations in cybersecurity history — and a company that sits at the heart of enterprise defense for organizations around the world.
Trellix was founded in January 2022 through the merger of McAfee Enterprise and FireEye, two of the most storied names in cybersecurity. The deal was orchestrated by private equity firm Symphony Technology Group (STG), which also owned McAfee Enterprise. FireEye brought with it the legendary Mandiant threat intelligence division, decades of nation-state incident response, and the deep forensic credibility that came from investigating some of the most significant cyberattacks in history — including the SolarWinds compromise and the Sony Pictures hack.
Together, they formed a combined entity now protecting more than 50,000 business and government customers across 185 countries, securing more than 200 million endpoints worldwide. Trellix’s customer base includes Fortune 100 companies, financial institutions, healthcare systems, and government agencies. When Trellix’s source code is exposed, the downstream risk is not hypothetical — it is institutional.
The Breach: What We Know, What We Don’t
On May 1, 2026, Trellix published a terse statement on its corporate website disclosing that a threat actor had recently gained unauthorized access to “a portion of our source code repository.” The company said it immediately engaged leading forensic experts and notified law enforcement.
The official statement was deliberately minimal: Trellix provided no information about which products were affected, how long the intruder had access, how the initial entry was achieved, or how much code was exposed. The company said only that it had found no evidence that its source code release or distribution process was affected, and no evidence that the source code had been exploited. It promised further updates once the investigation was complete.
Then, six days later on May 7, 2026, the situation escalated. Ransomware group RansomHouse listed Trellix on its dark web data leak portal, claiming responsibility for the hack. The group published screenshots apparently showing access to Trellix’s internal appliance management system and internal service dashboards. While the authenticity of the screenshots could not be independently verified, security researchers noted the images were consistent with the kind of internal access that would follow a source code repository compromise.
Mar 19, 2026: Trivy Supply Chain Compromise Begins
TeamPCP compromises Trivy — Aqua Security’s widely used open-source vulnerability scanner — by injecting credential-stealing malware into official releases. The attack simultaneously targets the trivy-action and setup-trivy GitHub Actions, weaponizing trusted security tooling against thousands of organizations relying on it.
Mar–Apr 2026: Campaign Expands: Checkmarx, Bitwarden Hit
TeamPCP uses CI/CD secrets stolen from the Trivy campaign to laterally pivot into Checkmarx (KICS tool poisoned), Bitwarden (malicious @bitwarden/cli npm package), and LiteLLM. Each wave uses a new C2 domain themed to the compromised project. Microsoft documents the campaign publicly.
Late Mar 2026: LAPSUS$ Connection Emerges
Google Cloud’s Wiz Security reports that TeamPCP may be collaborating with LAPSUS$ to monetize stolen credentials. Signs also emerge of TeamPCP working with the Vect ransomware group to target Trivy campaign victims.
Apr 17, 2026: Trellix Breach Occurs
According to RansomHouse, the intrusion into Trellix’s source code repository occurs on April 17. The attackers claim the breach resulted in data encryption. Trellix’s security team does not immediately detect the intrusion.
May 1, 2026: Trellix Publicly Discloses the Breach
Trellix posts a brief statement to its website confirming unauthorized access to “a portion” of its source code repository. Forensic experts engaged, law enforcement notified. No affected products named, no timeline of access provided.
May 7, 2026: RansomHouse Claims Responsibility
RansomHouse lists Trellix on its dark web extortion portal and publishes screenshots allegedly showing access to internal services and management dashboards. Trellix says it is “aware of claims and looking into it.” The type and volume of stolen data are not disclosed.
May–Jun 2026: Investigation Ongoing
Full investigation continues. The connection to the TeamPCP/LAPSUS$ supply chain campaign has not been officially confirmed. No evidence of source code exploitation or distribution pipeline compromise has been found to date.
The Threat Actors Behind the Campaign
Understanding the breach requires understanding the interconnected web of criminal groups potentially involved. Three distinct threat actors have emerged from the reporting — each with different motives, methods, and relationships to the Trellix incident.

The interconnection between these groups is the most alarming aspect of the threat landscape in 2026: initial access specialists, monetization groups, and ransomware operators are now functioning as a coordinated ecosystem — dividing labor to maximize both reach and profit. A single compromised CI/CD token can travel through multiple criminal hands before an enterprise even detects the initial intrusion.
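The Trivy entry in the timeline and the paragraph above describe the same mechanism from two ends: a trusted GitHub Action is poisoned at its source, and the CI/CD secrets it can reach are then carried into other projects. One concrete defensive check is to find workflow steps that reference third-party actions by a mutable ref (a branch such as master or a version tag), since such a ref is resolved at run time and can be moved to poisoned code without any change in the consuming repository, whereas a full commit SHA cannot. The script below is an added example, not code from Trellix, Aqua Security or anyone quoted in this article. It embeds a constructed sample workflow (the 40-hex SHA in it is a placeholder, not a real commit) and scans it with a simple line-based regex, so it needs no YAML library; a real audit would point it at every file under .github/workflows/.

```python
import re
from typing import List, Tuple

# Constructed sample workflow, not taken from any real repository. Two of the
# 'uses:' lines reference actions by mutable refs (a version tag and a branch);
# the setup-trivy line is pinned to a full commit SHA (placeholder value).
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Scan image
        uses: aquasecurity/trivy-action@master
      - name: Install scanner (pinned)
        uses: aquasecurity/setup-trivy@0123456789abcdef0123456789abcdef01234567  # placeholder SHA
      - run: echo done
"""

# Matches "uses: owner/repo@ref" (optionally as a list item or quoted) and
# captures everything up to whitespace, a quote, or a trailing comment.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)")
# A full 40-character lowercase hex commit SHA, the only immutable ref form.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def find_unpinned_actions(workflow_text: str) -> List[Tuple[int, str, str]]:
    """Return (line_number, action, ref) for every remote action reference whose
    ref is not a full commit SHA. Local actions ('./path') and Docker images
    ('docker://...') are skipped: they are not resolved through a Git ref, so
    tag pinning does not apply to them. A reference with no '@' at all is
    reported with an empty ref, since it carries no immutable identity either."""
    findings: List[Tuple[int, str, str]] = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        match = USES_RE.match(line)
        if not match:
            continue
        ref_spec = match.group(1)
        if ref_spec.startswith("./") or ref_spec.startswith("docker://"):
            continue
        if "@" not in ref_spec:
            findings.append((lineno, ref_spec, ""))
            continue
        action, ref = ref_spec.rsplit("@", 1)
        if not SHA_RE.match(ref):
            findings.append((lineno, action, ref))
    return findings


def format_report(findings: List[Tuple[int, str, str]]) -> str:
    """Render findings as one line each, suitable for a CI log or a ticket."""
    if not findings:
        return "all action references are pinned to commit SHAs"
    lines = [f"line {n}: {action}@{ref or '<no ref>'} is not pinned to a commit SHA"
             for n, action, ref in findings]
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_report(find_unpinned_actions(SAMPLE_WORKFLOW)))
```

Running it on the sample reports the checkout step (tag v4) and the trivy-action step (branch master) and accepts the SHA-pinned setup-trivy step. Pinning by SHA does not make a dependency safe, it only makes a change in the dependency visible as a diff in your own repository, which is exactly the signal that was missing when the trivy-action and setup-trivy releases were replaced; the comment after the SHA is the conventional place to record which version the SHA corresponds to so that update tooling can still track it.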
A Pattern of Attacks on Security Vendors
Trellix is not an isolated target. The breach fits a disturbing and accelerating pattern: the cybersecurity industry itself has become the most valuable supply chain target in enterprise IT.

The pattern reveals a calculated strategic logic: breaching a security vendor is not just about that vendor. It is about gaining leverage over every organization that trusts that vendor’s products. Security tooling occupies a uniquely privileged position in enterprise architecture — it has elevated permissions, broad network visibility, and runs on endpoints across the entire organization. A compromised security product is the ultimate insider threat.
What Security Teams Should Do Right Now
Whether your organization uses Trellix products or not, this breach is a concrete forcing function to review your supply chain and developer environment security posture. Here is what the security community recommends.





