Trellix A.I CyberSecurity Scoring
Trellix
Company Information
Website:https://www.trellix.com
Employees number:3,836
Number of followers:497,401
NAICS:541514
Industry Type:Computer and Network Security
Homepage:trellix.com
Trellix Risk Score (AI oriented)
Between 700 and 749
TrellixComputer and Network Security
Updated:
02/05/2026
02/05/2026
707/1000
Moderate
Ba
Trellix Global Score (TPRM)
xxxx
TrellixComputer and Network Security
Score locked

TrellixModerate
Current Score
707Ba (MODERATE)
01000
2 incidents
-58 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
710
JUNE 2026
710
MAY 2026
765
Breach
02 May 2026 • Trellix
Trellix: Trellix Confirms Source Code Breach With Unauthorized Repository Access
Trellix Source Code Repository Breach
707
LOW-58
TRE1777710220
Trellix Confirms Source Code Repository Breach, Investigates Unauthorized Access
Cybersecurity firm Trellix disclosed a security breach involving unauthorized access to a portion of its source code repositories. The company detected the compromise "recently" and has since engaged leading forensic experts to investigate the incident, while also notifying law enforcement.
Trellix stated that its investigation has found no evidence that the accessed source code was exploited or that its release and distribution processes were impacted. However, the company did not specify the exact data accessed, the duration of the breach, or the threat actors responsible. Additional details will be shared as the investigation progresses.
Formed in January 2022 through the merger of McAfee Enterprise and FireEye, Trellix is owned by Symphony Technology Group. The breach follows Google’s $5.4 billion acquisition of Mandiant, which was previously part of FireEye, around the same time. The incident remains under active investigation.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
APRIL 2026
765
MARCH 2026
764
FEBRUARY 2026
764
JANUARY 2026
775
DECEMBER 2025
763
NOVEMBER 2025
762
OCTOBER 2025
762
SEPTEMBER 2025
762
AUGUST 2025
761
JULY 2025
775
Cyber Attack
11 Jul 2025 • Trellix
Nozomi Networks, CyberAv3ngers and Homeland Justice: Nozomi finds 133% surge in Iranian cyberattacks targeting US, as transportation and manufacturing most affected
Iranian Cyberattacks Surge 133% Amid Geopolitical Tensions, Targeting U.S. Critical Infrastructure
760
CRITICAL-15
US-NOZTRE1774333876
Iranian Cyberattacks Surge 133% Amid Geopolitical Tensions, Targeting U.S. Critical Infrastructure
Nozomi Networks Labs reported a sharp escalation in cyberattacks linked to Iranian threat groups, with a 133% increase in incidents during May and June 2024 compared to the previous two months. The surge peaking at 18 attacks in May before declining to 10 in June coincided with heightened regional conflicts involving Iran, with U.S. organizations as the primary targets.
At least 28 confirmed attacks were attributed to six Iranian state-sponsored or affiliated groups: MuddyWater, APT33, OilRig, CyberAv3ngers, FoxKitten, and Homeland Justice. The transportation and manufacturing sectors bore the brunt of the activity, though critical infrastructure, energy, and government entities were also heavily targeted.
### Key Threat Actors & Their Campaigns
- MuddyWater emerged as the most active, compromising at least five U.S. companies in transportation and manufacturing. The group, operational since 2017, has historically focused on the Middle East but expanded its reach to North America, Europe, Asia, and the Middle East, targeting government, telecommunications, and energy sectors.
- APT33 conducted attacks against three U.S. firms, with infrastructure traced to operations spanning North America, Europe, the Middle East, and Asia, including Germany, France, Saudi Arabia, and Japan. The group’s focus on strategic geopolitical and economic hubs suggests intelligence-gathering and disruption objectives.
- OilRig maintained its long-standing campaign against Gulf region targets, including energy, government, and telecommunications sectors, but also extended operations to the U.S., Spain, and Turkey. Attack paths originating from Iran indicate a broader geopolitical and intelligence-driven agenda.
- CyberAv3ngers, known for targeting operational technology (OT), reused an IP address from a prior attack and deployed the OrpaCrab (IOCONTROL) malware, first identified in December 2023. The group’s recent activity targeted the U.S., Ukraine, Iraq, and Cyprus, with a focus on critical infrastructure and industrial sectors.
- FoxKitten concentrated on Israel, Greece, and North Macedonia, aligning with its history of espionage and long-term access within government and critical infrastructure networks in the Eastern Mediterranean and Middle East.
- Homeland Justice, a hacktivist collective, demonstrated a global reach, striking targets in the U.S., Canada, Saudi Arabia, India, and Australia. The group’s politically motivated attacks spanned critical infrastructure and government entities, reflecting a broad disruption strategy.
### Geopolitical Context & U.S. Response
The surge in Iranian cyberactivity follows escalating regional tensions, prompting U.S. security agencies to issue warnings last week. Critical infrastructure operators were advised to monitor for threats and isolate OT/ICS assets from public internet access, particularly those with ties to Israeli defense or research entities. The agencies emphasized the heightened risk to the defense industrial base (DIB) and other high-value sectors in the near term.
Nozomi Networks confirmed that its threat intelligence feeds including a Mandiant TI Expansion Pack already contain signatures to detect these groups, though the broader threat landscape underscores the expanding scope and sophistication of Iranian cyber operations.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Trellix ??
What was Trellix's A.I Rankiteo Cyber Score in June 2026 ??
What was Trellix's A.I Rankiteo Cyber Score in May 2026 ??
What was Trellix's A.I Rankiteo Cyber Score in April 2026 ??
What was Trellix's A.I Rankiteo Cyber Score in March 2026 ??
What was Trellix's A.I Rankiteo Cyber Score in February 2026 ??
What was Trellix's A.I Rankiteo Cyber Score in January 2026 ??
What was Trellix's A.I Rankiteo Cyber Score in December 2025 ??
What was Trellix's A.I Rankiteo Cyber Score in November 2025 ??
What was Trellix's A.I Rankiteo Cyber Score in October 2025 ??
What was Trellix's A.I Rankiteo Cyber Score in September 2025 ??
What was Trellix's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Trellix's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Trellix ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Trellix's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?