The Open Source Security Foundation (OpenSSF) has recently released a prototype version of the Package Analysis tool, the first of its kind to be published. Using this tool, you can identify malicious attacks against open source registries in real time and counter them.
Read full article on GBHackers