Researchers at Aqua Nautilus say they’ve identified a security issue in the way Ubuntu’s “command not found” feature works, which attackers can exploit to trick users into installing malicious snaps. In a lengthy blog post detailing their investigation, the security outfit concludes that “the risk of attackers exploiting the ‘command-not-found’ utility to recommend their own malicious snap packages is a pressing concern”.
Source: OMG! Ubuntu!