Kali Linux 2026.1 is available. The cybersecurity distribution brings the annual theme refresh, a nod to its own history, and eight new tools. The kernel is updated to version 6.18. The release follows version 2024.4, released in late 2025, which included 14 new tools and made Python 3.12 the default interpreter.
The theme refresh is a regular annual tradition for the first release of the year. Everything from the boot menu to the login screen and desktop backgrounds has been updated. The boot animation now also works correctly on live images, whereas it previously froze at the start of the loading sequence.
In total, 25 new packages have been added, 9 removed, and 183 updated. The kernel has been upgraded to version 6.18.
2026 marks the 20th anniversary of BackTrack Linux, Kali’s direct predecessor. To celebrate, the team is introducing a BackTrack mode in the kali-undercover package. This mode transforms the desktop into the look and feel of BackTrack 5, complete with the original background, color schemes, and window themes.
Eight new tools and NetHunter improvements
Kali 2026.1 adds eight tools to the repositories. The list includes AdaptixC2 for post-exploitation and adversarial emulation, XSStrike as an advanced XSS scanner, WPProbe for WordPress plugin enumeration, and MetasploitMCP as an MCP server for Metasploit. Additionally, Fluxion, GEF, Atomic-Operator, and SSTImap are now available.
Kali NetHunter also receives updates. The WPS scan bug, the HID permissions check, and the back button issue have been resolved. The Redmi Note 8 gets a new kernel for Android 16, and on the Samsung S10, reaver, bully, and kismet now work via the internal wireless firmware. Notably, @Loukious released the first working injection patch for QCACLD v3.0 chipsets after several years of work, potentially enabling injection on most Qualcomm smartphones.
Users of the kali-tools-sdr metapackage are warned: tools such as gr-air-modes and gqrx-sdr are not working in this release. A fix is expected in the next version.