Cybercriminals are exploiting Lovable, an AI-driven website creation platform, to orchestrate advanced phishing campaigns and malware distribution. Designed to simplify web development via natural language prompts, Lovable is now enabling malicious actors with minimal technical skills to create authentic-looking phishing websites swiftly. Research from Proofpoint shows that since February 2025, tens of thousands of malicious URLs have emerged, affecting over 5,000 organizations and employing various attack vectors such as multifactor authentication phishing and cryptocurrency wallet fraud.
The platform’s free hosting service enhances the operational cost-effectiveness for cybercriminals while maintaining the illusion of legitimacy. Analysts have documented sophisticated campaigns using Lovable, such as a German-language operation that initiated malware distribution through HTML attachments, directing victims to deceptive AI-created sites. This trend signifies a troubling evolution in cybercrime, where AI tools are increasingly lowering barriers, complicating detection and prevention for cybersecurity teams. Protect your business with quality threat intelligence to combat these emerging risks.
Source link
