Cybersecurity firm Trellix has disclosed a breach of part of its source code repository, though the company says there's no evidence the code was exploited or that its release process was compromised. The timing suggests a possible connection to a wider supply chain campaign linked to hacker groups TeamPCP and Lapsus Dollar, which has also hit other security companies including Checkmarx, Aqua Security, and Bitwarden through compromised development pipelines. Trellix is working with forensic experts and law enforcement while promising more details after the investigation concludes.