Outset Capital
← Back to BlogApril 2026Part of 10 Minutes or Less

10 Minutes or Less: Socket CEO Feross Aboukhadijeh on Open Source Security

Socket founder and CEO Feross Aboukhadijeh joined Ali on 10 Minutes or Less to discuss the recent Axios backdoor attack that his team detected within six minutes of it hitting npm. The conversation covers how Socket uses AI to read code across 19 open source ecosystems, why open source has become critical infrastructure without adequate funding, and why attackers are increasingly targeting supply chains.

Feross also shares his experience being personally targeted by North Korean hackers and reflects on the state of open source security.

Read the full transcript

Transcript has been lightly edited for clarity

Q: The announcement of Anthropic Mythos, detecting the Axios attack 6 minutes after it happened, 5 major supply chain attacks in one month, being targeted by North Korean hackers... what is this moment like for you?

Feross: That's a great question. It's kind of surreal, actually, because we've been talking about the problem in software supply chain security since 2020, since we started the company. At the beginning, it felt like we were working on a niche problem, like it wasn't going to be a big deal.

But I think we saw the future a little bit and realized that the way we build software today has changed and kind of opened up this opportunity for attackers to get into companies and organizations through all the open source code that we build all of our software with.

You never want to get happy or celebrate as a security vendor when there's attacks happening, of course. But there's also a way that I look at this, which is that I think we're going to come out stronger as a software industry because this issue is now in the forefront and it's become such a high profile concern amongst pretty much everybody if they're paying any attention at all. So I think we're going to end up better for it all.

Q: Is there any part of you that's like: I told you so?

Feross: Yeah, absolutely. A lot of our team at Socket are open source maintainers ourselves. We have about 40 engineers on the team and over half have been open source authors at some point in their careers. Collectively, the team is responsible for about 15 to 20% of all npm download traffic. So we're a big part of the supply chain ourselves.

We've seen firsthand how hard it is to be an open source maintainer. What goes into that job: it's often unpaid, it's often volunteer based. And then to think the whole economy of the world is built on top of this foundation.

I think we all knew that this problem was there, that we're building software on this shifting foundation. And so to see the attackers finally realizing that this is a great opportunity, it's not a huge surprise.

Q: Let's talk about Axios. How was Socket able to flag the Axios backdoor so fast?

Feross: So what happened was, the maintainer of Axios (which, by the way, is a really popular open source library that helps you make HTTP requests, so it's a foundational component that you see in a lot of applications) got a phishing email which was coming from somebody pretending to be the founder of a startup.

They gave him a Slack invitation to join this channel and work with the company on helping to maintain Axios, collaborating in various ways. They built up a relationship with him over the course of about two weeks, ultimately getting on a Microsoft Teams call with him.

And they did this really sophisticated attack. They put together a fake Microsoft Teams website, but it used the official Microsoft Teams SDK, so all the video components and everything kind of looked like the real thing and it was embedded in the page. At some point in the call, the call just drops, and then a little error message shows up that says you need to install this application on your system to update the software.

Anybody who's on a call who's worried and paranoid like, ah, I've got to get back in the call, they're waiting for me. He just double clicked on it and installed it. It's the kind of thing that could happen to anybody. They really built up this kind of trust with him, so he wasn't suspecting this type of attack.

That was really the moment where they were able to install what's called a remote access trojan onto his laptop, and from that point on, control everything on his computer, steal the tokens for his npm packages, and then put these backdoors into the packages.

Q: And then you guys found it really quickly. How were you able to detect what had happened?

Feross: The key insight of Socket was that traditional vulnerability scanning tools are very reactive. They sort of wait around for a security researcher to find a vulnerability inside of a piece of code and then report it. What we realized when we were starting the company was you really have to be much more proactive.

In the case of Axios, the moment that this bad code got added into Axios, everyone who is using that software should be able to know right away that something about this has changed in a fundamental way. The security model of the package has changed. There's now data being stolen from the system. That code wasn't there before.

We really needed to come up with a new model, which is: you look at the code. It sounds simple, but if humans aren't going to read this code before they download it from a random website that they've found online and start using it, then we need APIs to do it.

So the real insight is we go out and we proactively (it's almost like a web crawler, like Google but for open source code) go and find everything and analyze it all. It's very expensive. There's a lot of compute, a lot of token spend. But it leads to a much better, much safer model.

Q: Switching topics a little bit, I want to talk about being personally targeted by North Korean hackers. What is that like to learn that a nation state is coming after you specifically?

Feross: This isn't the first time it's happened. There was another attack where they were doing a bunch of what are called typosquat attacks, where they tried to pretend that they are other packages, and they hope that an AI or a human is going to make a typo or make a mistake and install something that's a couple letters off from the correct package.

It's hard to know whether they're coming after me specifically because of working at Socket, or if it's more like they're going after the top maintainers on npm and just going down the list by download count and I'm included in that list. It's probably the latter. If you look at the other folks that were hit. They were not hit, I should be clear. Being targeted means that they attempted to try to trick us. But nobody (myself or anyone at Socket) was actually fooled by it or fell for the bait. I just want to be really clear about that.

But yeah, it was funny: after it happened and the Axios maintainer shared some screenshots of what the initial emails he got looked like, myself and a bunch of others at the company, we just started searching our email and we're like, oh, we have the same email.

Q: Does the rise of AI agents make your job easier or harder?

Feross: It absolutely helps Socket. The insight that we had was that you really want to look at all the code that you're using in your application. Obviously, humans can't do that. It's not cost effective. It doesn't scale. But you can think of AI as this infinitely scalable set of AI minions that you can apply to whatever boring, repetitive tasks that you don't want to do as a human.

It absolutely has helped. We're now literally reading every line of code of every open source package across 19 ecosystems. That would not have been possible without AI. If we were using old school ML methods or just human labor, that's not going to scale.

What really works well is the hybrid AI-human combo, because the AI can do the grunt work and it can surface the most interesting insights to the experts on our team, who today are way better than the AI is at confirming these things. When you combine the two, you can basically drive false positives to zero.

We can afford to do this because open source, while there are tens of millions of packages, it is ultimately a finite problem. There is a fixed number of these things, and so we can afford to throw a lot of compute, a lot of token spend at it, and do this great work for our customers and for the community.

Q: Something that's interesting to me, especially with the Mythos announcement yesterday, is it kind of feels like cybersecurity is more and more national security, too. How do you think about that?

Feross: Totally. Open source is infrastructure. It's like our roads and our bridges. Nadia Eghbal wrote this amazing research paper and then later book on the idea of open source as roads and bridges and as key infrastructure for the whole country. That is absolutely what it is and how to think about it.

I don't know how to solve the problem of how to secure every single open source project at the project level. It's a really challenging problem. Do you fund it? Do you just give money to people? Should this be a government thing where we treat it as funding libraries or funding roads and bridges? Because in the past, getting companies to voluntarily pay money to you for code that is licensed as free (that they don't need to pay for), it's a clash. Donations and corporate CFOs, those don't really go together. It's very hard for companies to actually get money into the hands of the people that work on this stuff.

So you end up with this tragedy of the commons where these critical components are maintained by one random person who's been doing it for 15 years, is totally burned out, totally susceptible to being tricked into just giving it to somebody random who shows up with even the slightest amount of help. It's crazy to think that we're building all companies in the world on top of this foundation and it's not properly funded and properly resourced.

Q: I think I read that earlier in your career, you tried to do something about that, right?

Feross: Yeah. It was actually a funny story. I tried a whole bunch of things, but the one that got a lot of attention was I had an idea to bring advertising to open source. The idea was: as you were installing a package, you'd type npm install such-and-such, and then you'd see a banner ad in your terminal that would tell you, this package is brought to you by, and then some sponsor.

It had a very strong visceral reaction in the developer community. A lot of people were like, why are you bringing ads to the terminal? It's my one safe space where there's no advertising. Please don't bring advertising.

So I totally get it. The point wasn't that I love advertising or that I'm excited about ads, but I really wanted to do something that was in your face and would raise awareness of the issue to more people.

It absolutely did raise awareness. It was a huge controversy on Hacker News. Ultimately the two initial sponsors that I had roped into doing this to be part of this initial experiment were getting upset users contacting them saying, I'm going to cancel my subscription with you guys if you don't back out of this. We meant you're doing this for us because I hate advertising that much.

I got literally panicked calls from the CEO of one of the companies, and he's like, you need to take our ad down right now. We're literally losing customers because of this ad. Please cancel it.

I still think it was a success in terms of creating a conversation piece. I really do think those sponsors, and myself, had our heart in the right place. People are really entitled. People see it as this all-you-can-eat buffet of, I'm just used to it all being there for free. Like, what do you mean I have to pay for this, or there's people behind it?

Q: Five years from now, does open source look fundamentally different than it does today?

Feross: Yeah, I think it will. The scale of pull requests and issues that maintainers were already dealing with was a lot. And now you have agents going around and doing stuff, constantly opening PRs. There's a lot of overload from well-meaning people that are trying to help and deploy their AI.

It's taking an already overburdened open source maintainer group and throwing even more at them. Then you add in all the vulnerabilities that new models like Mythos are going to find, and you're going to get even more backlog. Maintainers are already at a breaking point, so I don't know how that affects things.

I think we'll see adoption of tools like Socket and other companies to help get a handle on all the threats coming from both the vulnerabilities and the supply chain attacks happening in open source.

You may see a little bit of a reduction in the usage of open source dependencies at the margins, maybe just a small amount. I don't think it's going to be a big amount. But when you're talking about a 50-line package, it might make sense to just have the AI write that 50 lines directly into your application and remove that supply chain risk.

Obviously there are trade-offs. That comes with its own downsides because now you don't get improvements over time, you don't get performance fixes, you don't get bug fixes. You're responsible for maintaining that code. So you lose a little bit of reusability.

But given the threat we're seeing in the supply chain, I think people are going to start to consider doing that. I don't think it's going to spread very far. I don't think you're going to see people rewriting React or Node.js or their own operating system like macOS for themselves. There's still a lot of value to building on the same shared foundation as others in the community. This is also stuff that the models have been trained on. But I do think we'll see some shift there. We're living in very interesting times.