BlueKit PhaaS: Browser-in-the-Middle via rrweb — When the Login Page You See Runs on the Attacker's Machine
Executive Summary
BlueKit is a Phishing-as-a-Service (PhaaS) platform first documented by Varonis in April 2026, and by late June 2026 Netcraft confirmed it operating at real-world scale, with roughly
blog.fiscybersec.com8 min read