Researchers at Aqua Security say they’ve identified a security flaw in the way Ubuntu’s “command not found” feature works, which attackers could exploit to trick users into installing malicious snaps. In a blog post detailing the findings, researcher Ilay Goldman concludes that “the risk of attackers exploiting the ‘command-not-found’ utility to recommend their own malicious snap packages is a pressing concern”.
Source: OMG! Ubuntu!