Port 22

Here's a New Tool That Scans Open-Source Repositories for Malicious Packages

The Open Source Security Foundation (OpenSSF) has announced the initial prototype release of a new tool that’s capable of carrying out dynamic analysis of all packages uploaded to popular open source repositories. Called thePackage Analysisproject, the initiative aims to secure open-source packages by detecting and alerting users to any malicious behavior with the goal of bolstering the