Aqua Nautilus researchers have identified a security issue that arises from the interaction between Ubuntu’s command-not-found package and the snap package repository. While command-not-found serves as a convenient tool for suggesting installations for uninstalled commands, it can be inadvertently manipulated by attackers through the snap repository, leading to deceptive recommendations of malicious packages.
Tl;dr Someone makes a package called “chromee”, you try to install “chrome” via apt, it’s not found, but finds “chromee” in Snap and suggests it.
They could simply make it so the auto suggestion only suggests FOSS apps from verified publishers, since they already have that data