Elastic's security team has released Supply Chain Monitor, an internal tool that monitors top npm and PyPI packages for supply chain compromises, a tool that also caught the recent Axios incident

https://www.elastic.co/security-labs/how-we-caught-the-axios-supply-chain-attack

https://github.com/elastic/supply-chain-monitor