Consider contributing your talents to projects that seek to improve the security of these registries. One project worth your attention is Aura, a Python source code auditing and static analysis tool. For those who want to explore Python malware detection challenges identified as important by the Python Software Foundation, see here. Consider contributing malware checks to the Python Package Index codebase, aka Warehouse.
If you are interested in directly identifying malicious packages, you'll need to build registry scanners and then analyze the results, reporting any malware you find. One past effort is pypi-scan, but I'm looking forward to more capable scanners in the future!
Join the working group meetings of the Open Source Security Foundation, or OpenSSF. This is a community dedicated to upholding the security of open source software.
Whatever you do, remember that these ecosystems depend on security for their continued health. So consider doing your part!