The new version Kali Linux 2025.4 It is now available This is the latest update of the year for this Debian-based distribution geared towards cybersecurity, auditing, and penetration testing. Although Kali operates in rolling release mode, these occasional releases provide a snapshot of the system and facilitate new installations in professional, educational, and laboratory environments in Spain and the rest of Europe.
This time, the Offensive Security team has focused its efforts on polish the desktop experience, complete the transition to Wayland, and strengthen offensive toolsThis version also includes integration with virtual machines and improvements to the Kali NetHunter mobile platform. The result is a version that modernizes the graphical environment while maintaining compatibility with recent hardware and devices.
Updated desktops in Kali Linux 2025.4: GNOME 49, KDE Plasma 6.5 and Xfce
One of the most noticeable changes in Kali Linux 2025.4 is the update to its graphical environments. The GNOME edition is now... GNOME 49KDE rises to plasma 6.5 Xfce remains the default desktop environment, now with new color options. The goal is to offer a more consistent, modern, and customizable experience for both everyday use and intensive penetration testing.
GNOME 49: Wayland only, new apps and shortcuts
The GNOME edition of Kali adopts Wayland as the sole display protocolThis decision removes support for X11 in standard sessions, aligning Kali with other leading distributions and paving the way for a future where Wayland will be the norm in Linux desktop environments.
GNOME 49 incorporates a New application panel with folders that group Kali tools Organized by category, similar to the classic distribution menu. This makes it easy to navigate the extensive catalog of security utilities without wasting time searching through endless lists.
Changes are also being introduced to the application ecosystem: Showtime replaces Totem as the default video playerThe document viewer is now called Papers in many GNOME configurations. Additionally, usability improvements have been made, including software store performance, media controls on the lock screen, a quick "Do Not Disturb" mode toggle, and better HDR support.
Something highly anticipated by many users is the arrival of Keyboard shortcuts to open the terminal directlyStarting with this version, you can launch a terminal with Ctrl+Alt+T or Super+T (Windows key + T), matching the behavior of other Kali desktops and simplifying work in audit sessions.
KDE Plasma 6.5: tiling Improved and polished utilities
Users who prefer KDE will receive the update to plasma 6.5which comes with a set of improvements designed for those who work with many windows and tools open at the same time. Among the new features are a more flexible window mosaic systemIdeal for organizing multiple consoles, browsers, and monitoring panels on large screens.
KDE's screenshot manager gets a makeover new workflow and editing optionsThis makes it easier to document vulnerabilities, prepare reports, or create educational materials. Furthermore, the KDE panel now offers quick access to fixed clipboard items, very useful when reusing commands, payloads or configuration fragments.
KRunner, KDE's global launcher and search engine, has also been improved, now including fuzzy matchingThis feature forgives minor typos and allows you to locate applications and commands even if you don't type the exact name, which is useful when dealing with uncommon utility names.
Xfce as the main desktop environment, now with color themes
Xfce continues to be the default desktop in Kali Linux 2025.4a logical decision given its balance between lightness and functionality. The most notable new feature is the arrival of a system of unified color themes which puts Xfce on par with GNOME and KDE in terms of visual customization.
From the Xfce Appearance application, it is possible to adjust Icon themes, GTK 3/4 window colors, Qt 5/6 styles, and window manager decorationsThis allows you to customize the environment to personal preferences or visibility requirements in work settings. For those using Qt applications, the qt5ct and qt6ct tools help to harmonize the desktop appearance.
In addition, this version introduces a Halloween mode for XfceThis aesthetic touch adds a festive feel to the desktop environment. It doesn't affect performance or security features, but it demonstrates that the Kali team also pays attention to visual details without sacrificing stability.
Wayland and virtual machines: mature integration in Kali Linux 2025.4
GNOME's leap to exclusively Wayland sessions It posed a challenge: maintaining compatibility and ease of use when Kali is run inside virtual machines, something very common in cybersecurity labs, training and European corporate environments.
With Kali Linux 2025.4, the team claims that The guest utilities of virtual machines now work correctly under WaylandThis affects widely used hypervisors such as VirtualBox, VMware, and QEMU, where features like clipboard sharing between host and guest or the dynamic window scaling They behave as expected again, matching the experience previously had with X11.
This improvement is especially relevant for training centers, universities, and cybersecurity companies in Spain and Europe that deploy test environments with multiple VMsbecause it allows you to upgrade to Wayland without losing convenience or productivity on a daily basis.
New security tools in Kali Linux 2025.4
True to its focus as a distribution for ethical hacking and penetration testing, Kali Linux 2025.4 incorporates three new tools added to their repositories, all of them geared towards advanced analysis and exploitation scenarios.
The first is bpf-linkerA simple static linker for BPF (Berkeley Packet Filter) programs. This type of technology is frequently used in observability, advanced monitoring, and traffic analysis, and its inclusion makes it easier for researchers and security teams to work with eBPF code within Kali.
Second is evil-winrm-py, a Python reimplementation of the well-known Evil-WinRM tool. Its purpose is Execute commands on remote Windows machines using WinRM (Windows Remote Management), a very common access vector in corporate environments. This utility is especially useful for red team exercises and lateral movement testing in Windows infrastructures.
The third new feature is hexstrike-ai, an MCP server designed to allow artificial intelligence agents run tools autonomouslyAlthough its use is still emerging, it opens the door to automating security testing workflows and experimenting with AI-based assistants that interact directly with the Kali toolset.
In addition, this version updates the Linux kernel to version 6.16Improving compatibility with modern hardware, including new network cards, wireless devices, and recent desktop and laptop computers, is relevant for laboratories and companies that frequently upgrade their equipment.
Kali NetHunter: More Android Devices and Wifipumpkin3
The mobile platform Kali NetHunterKali Linux, geared towards Android devices for wireless security testing and field audits, also receives significant changes in Kali Linux 2025.4. The team expands the catalog of supported phones and updates several of its key tools.
This version adds Android 16 support on various modelsThis includes the Samsung Galaxy S10 family (S10, S10e, S10 Plus, and S10 5G) with LineageOS 23, as well as models like the OnePlus Nord and the Xiaomi Mi 9 in certain configurations. This allows users to take advantage of hardware that is relatively affordable and widespread in Europe as a mobile testing platform.
El NetHunter terminal has been restored and is now compatible with Magisk versions that use interactive modeThis improvement prevents sessions from closing when pressing Ctrl+C, which could be quite annoying during long experimentation sessions or practical training.
Another notable new feature is the inclusion of a Wifipumpkin3 preview in the NetHunter appThis framework for rogue access points (ROPs) is used for phishing attacks and credential theft on wireless networks. The version included in NetHunter incorporates templates for popular services such as Facebook, Instagram, iCloud, and Snapchat, making it a useful tool for simulating social engineering attacks in controlled environments.
Other important changes in Kali Linux 2025.4: Live ISO via BitTorrent and mirrors
Beyond desktops and tools, Kali Linux 2025.4 introduces adjustments to how the system is distributed. The most striking change is that the Kali Live image is now only available via BitTorrentThe reason is that the size of this ISO is approaching the 5 GB limit imposed by Cloudflare's CDN, which the distribution uses for its HTTP downloads.
The Live image includes both a Kali environment pre-installed as the installer with a comprehensive set of packagesThis makes it significantly larger than standard installation images or pre-built virtual machines. Instead of cutting corners or offering incomplete versions, the team has opted to maintain full functionality and move this large download to BitTorrent, following the same strategy they already use for the large "Everything" image.
To compensate and improve overall availability, the following have also been added: new community mirrorsEspecially in Asia and the United States, which should speed up downloads for international users. For Spain and other European countries, the usual Kali network mirrors remain available, so the HTTP download experience for other images should not be affected.
In addition, the teams from Kali Cloud and the package for WSL (Windows Subsystem for Linux) They have received internal improvements and stability fixes. Although these changes are less visible, they provide a boost for those deploying Kali in public clouds, hybrid environments, or as a subsystem in Windows—something increasingly common in companies that combine different platforms.
How to update or install Kali Linux 2025.4
Those who already use Kali can get the latest features of Kali Linux 2025.4 simply by updating your systemwithout needing to reinstall from scratch. Just make sure the file /etc/apt/sources.list point to the repository kali-rolling and execute the usual update commands.
The recommended procedure involves verifying that the repository line is similar to:
deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware
Then, in a terminal with administrator privileges, the following commands can be launched to Update all packages to the latest available version:
sudo apt update && sudo apt -y full-upgrade
For those using Kali with the default configuration files, it is possible synchronize settings from the directory /etc/skel with the user account through:
cp -vrbi /etc/skel/. ~/
If the system requires a restart after the update, Kali uses the file /var/run/reboot-required as an indicator. In that case, it can be executed:
[ -f /var/run/reboot-required ] && sudo reboot -f
Once the process is complete, you can check the installed version with:
grep VERSION /etc/os-release
This confirms that the system is now in operation. Kali Linux 2025.4 and it has the latest security enhancements and functionalities.
Users who prefer a clean installation can download the Installation ISO images, ARM versions, pre-configured virtual machines, cloud images, and WSL packages From the official Kali website. As mentioned, the larger Live ISO is now distributed exclusively via BitTorrent, while the other images remain available for direct download from your browser.
In the case of Kali under Windows Subsystem for Linux, it is recommended migrate to WSL2 to better utilize kernel performance and compatibility with graphical applications. The WSL version can be checked from Windows with:
wsl -l -v
With this 2025.4 cycle, Kali Linux reinforces its position as a leading distribution for cybersecurity professionals and students, combining a more modern and consistent graphical environment, updated tools, and better integration with virtual machines and mobile devicesFor those working in auditing, training, or security research in Spain and Europe, the update represents a step forward in stability and usability without sacrificing the extensive arsenal of utilities that characterizes Kali.