Kali Linux

LibXML2, Used by Steam, Chromium, Others is Now Abandoned An open source library used by many of the most well known applications, including VirtualBox, GNOME, Edge, & VLC, has been officially abandoned and is now marked as "unmaintained". https://gitlab.gnome.org/GNOME/libxml2/-/commit/9c80a89a @kalilinux

EFF is fighting back against tyrants abusing tech by 🔨 Creating tools to protect your digital rights 📸 Pushing back against surveillance regimes 📣 Safeguarding your right to speak your mind online They just need your support: eff.org/power-up

CVE-2025-55182 (React) and CVE-2025-66478 (Next.js) are critical unauthenticated RCE vulnerabilities in the React Server Components (RSC) "Flight" protocol. Default configurations are vulnerable – a standard Next.js app created with create-next-app and built for production can be exploited with no code changes by the developer. https://www.wiz.io/blog/critical-vulnerability-in-react-cve-2025-55182 @kalilinux

Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub https://www.bleepingcomputer.com/news/security/shai-hulud-malware-infects-500-npm-packages-leaks-secrets-on-github/ @kalilinux

https://www.theguardian.com/technology/2025/nov/18/cloudflare-outage-causes-error-messages-across-the-internet @kalilinux

https://www.youtube.com/watch?v=7GeCq1qwqjc @kalilinux

Affinity’s new design platform combines everything into one app and is now FREE for everyone as the editing software is reborn as Affinity Studio! Canva is now relaunching its Adobe-rivalling Affinity creative suite as a new all-in-one app for photo editing, vector illustration, and page layouts. Unlike Affinity’s previous Designer, Photo, and Publisher software, which were a one-time $70 purchase, Canva’s announcement stresses that the new Affinity app is “free forever” and won’t require a subscription. https://www.affinity.studio/get-affinity @kalilinux

#Discord customer service data breach leaks user info and scanned photo IDs The #attack has provided the #attacker with access to some of users' personal data. Specifically, data associated with customer support and Discord trust and safety team communications[who would've thought!]. Although the attack was not against Discord’s own servers, but rather those of a third-party providing customer service resources. @kalilinux

Sound on @kalilinux

🚨 #CHATCONTROL FAILS AGAIN 🚨 AGAINST (9): 🇦🇹 Austria · 🇧🇪 Belgium · 🇨🇿 Czechia · 🇫🇮 Finland · 🇩🇪 Germany · 🇱🇺 Luxembourg · 🇳🇱 Netherlands · 🇵🇱 Poland · 🇸🇰 Slovakia 🔴 IN FAVOR (14): 🇧🇬 Bulgaria · 🇭🇷 Croatia · 🇨🇾 Cyprus · 🇩🇰 Denmark · 🇫🇷 France · 🇭🇺 Hungary · 🇮🇪 Ireland · 🇮🇹 Italy · 🇱🇻 Latvia · 🇱🇹 Lithuania · 🇲🇹 Malta · 🇵🇹 Portugal · 🇪🇸 Spain · 🇸🇪 Sweden UNDECIDED (4): 🇪🇪 Estonia · 🇬🇷 Greece · 🇷🇴 Romania · 🇸🇮 Slovenia 👉 The proposal reintroduced by 🇩🇰 Denmark under its EU presidency (July 2025) has failed for the third time 💥 With Germany and Luxembourg joining the opposition, a blocking minority was formed (at least 4 States + 35% of EU population) 📌 Result: no agreement, no vote in October. Even if Denmark tries again, Europe has once more resisted this absurdity @kalilinux

China’s Great Firewall suffers its biggest leak ever as 500GB of source code and docs spill online — censorship tool has been sold to three different countries. the company not only provides services to governments in places like Xinjiang, Jiangsu, and Fujian, but also exports censorship and surveillance technology to countries such as Myanmar, Pakistan, Ethiopia, Kazakhstan, and other unidentified country under the “Belt and Road” framework. Contained in the leak are what appear to be full build systems for deep packet inspection platforms, as well as code modules that reference the identification and throttling of specific circumvention tools. https://gfw.report/blog/geedge_and_mesa_leak/en/ @kalilinux

Some ners got ChatGPT to leak your private email data 💀💀 All you need? The victim's email address. ⛓️‍💥🚩📧 And with just the victim's email, they managed to exfiltrate all the victim's private information. https://x.com/Eito_Miyamura/status/1966541235306237985 @kalilinux

In a supply chain attack, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack. [read more] @kalilinux

https://www.githubstatus.com/ @kalilinux

The FreeBSD laptop team noted in one of their recent monthly status updates:

For FreeBSD 15.0, our goal is to extend the FreeBSD installer to offer a minimal KDE-based desktop as an install option. The initial concept is a low-interaction installation process that, upon completion, brings the user directly to a KDE graphical login screen. We are currently evaluating the required pkg dependencies to automatically select appropriate graphics drivers.

@kalilinux

Researchers at the Citizen Lab and Princeton evaluated the network security of Android apps & found that a large portion of popular Chinese apps use broken proprietary network protocols instead of TLS. Read the paper here https://www.computer.org/csdl/proceedings-article/sp/2025/223600d916/26hiVQjbZqE @kalilinux