Ubuntu ‘command-not-found’ Tool Could Trick Users into Installing Rogue Packages
February 14, 2024 at 08:51AM Cybersecurity researchers discovered a vulnerability in the ‘command-not-found’ utility on Ubuntu systems that could allow threat actors to recommend and install their own malicious packages. The vulnerability stems from the utility’s reliance on the snap repository, potentially leading to deceptive recommendations and software supply chain attacks. Users are urged to … Read more