When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Hackers can abuse Ubuntus command-not-found package suggestion system to delivermalwareto users, researchers are saying.
The attack surface is relatively large, and there are multiple ways threat actors can abuse the feature.
The problem here is that there is no way of knowing if the suggested package is malicious or not.
So, in theory, a threat actor could force the system to suggest malicious packages to the user.
After that, its only a matter of chance for the victim to pick the wrong one.
ViaBleepingComputer
