ISMG Editors: Notepad++ Supply Chain Attack Raises Alarm

Also: Healthcare Cyber Risks Collide, Varonis Deal Signals AI Security Shift Anna Delaney (annamadeline) • February 6, 2026

In this week's panel, four ISMG editors unpacked the Notepad++ supply-chain compromise, the growing web of cyber risks facing healthcare, and what Varonis's acquisition of AllTrue.ai tells us about where artificial intelligence security is headed.

See Also: Proof of Concept: Bot or Buyer? Identity Crisis in Retail

The panelists - Anna Delaney, executive director, productions; Mathew Schwartz, executive editor, DataBreachToday and Europe; Marianne Kolbasuk McGee, executive editor, HealthcareInfoSecurity; and Michael Novinson, executive editor, ISMG Business - discussed:

• A highly targeted nation-state supply chain attack in which attackers compromised the Notepad++ update infrastructure to quietly backdoor a widely trusted developer tool, underscoring how even small, overlooked software can pose systemic risk;
• how recent reports show that healthcare organizations face a broad mix of cyber risks including phishing, identity failures, weak web applications and ...