A new phishing kit has emerged, allowing cybercriminals to execute sophisticated attacks with minimal technical skills. This point-and-click toolkit features an intuitive interface enabling attackers to customize lures and deploy malicious payloads through seemingly harmless documents. The kit employs advanced evasion techniques, such as dynamic content injection and memory-based execution, circumventing traditional security measures. As a result, it significantly increases the risk to users, highlighting the urgent need for enhanced cybersecurity awareness and proactive monitoring by organizations. The escalation of such attack capabilities underscores the importance of reinforcing user training and implementing robust defenses against emerging cyber threats.