Security researchers at Varonis have discovered Bluekit, a sophisticated new phishing kit that includes an AI assistant and automates the entire attack workflow from domain registration to credential harvesting. The kit offers over 40 website templates targeting major platforms like Apple, Gmail, and GitHub, and features advanced capabilities including two-factor authentication bypass, voice cloning, and a centralized dashboard that lets attackers manage everything from campaign setup to captured login data through Telegram. While Bluekit appears to still be in active development and hasn't been spotted in live attacks yet, Varonis warns that its rapid feature updates and ease of use make it likely to appear in future phishing campaigns.