Checkmarx Supply Chain Security identifies potentially malicious open source packages
Help Net Security
Checkmarx launched the Checkmarx Supply Chain Security solution to identify suspicious and potentially malicious open source packages across the modern application development lifecycle.
Working in concert with Checkmarx Software Composition Analysis (SCA), Checkmarx Supply Chain Security identifies anomalies in the health and security of open source projects, analyses contributor reputation and also directly interrogates the behaviour of packages via analysis within a detonation chamber. The result is full-spectrum software supply chain insight and analysis that closes a significant gap in organizations' application security.
Link: https://www.helpnetsecurity.com/2022/03/24/checkmarx-supply-chain-security/