Ubuntu 'command-not-found' Tool Could Trick Users into Installing Rogue Packages

Post Reply
Shane1145
Posts: 1689
Joined: Wed Sep 25, 2024 2:31 pm

Ubuntu 'command-not-found' Tool Could Trick Users into Installing Rogue Packages

Post by Shane1145 »

Cybersecurity researchers have found that it's possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue packages and compromise systems running Ubuntu operating system.

"While 'command-not-found' serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the snap repository, leading to deceptive recommendations of malicious packages," cloud security firm Aqua said in a report shared with The Hacker News.


https://thehackernews.com/2024/02/ubunt ... could.html
Post Reply