- Pirates use web manufacturers powered by AI to quickly manufacture phishing sites
- Thousands of organizations have already been targeted
- Lovable is the introduction of different protections to combat the threat
Lovable, a popular AI website manufacturer that allows users to create quality websites by talking to the platform, is strongly abused in different cybercriminal activities, experts warned.
Proofpoint safety researchers have revealed how, since February 2025, they have seen “tens of thousands” of adorable URLs used in malicious campaigns, distributed by phishing e-mails.
“Cybercriminals are increasingly using a web manufacturer generated by AI, called lovable to create and accommodate phishing, malware and fraud sites,” said Proofpoint in its report.
Adorable strike back
The company added that it has observed: “Many campaigns taking advantage of the adorable services to distribute multifactorial authentication phishing (MFA) phlinging like the magnate, malicious software such as cryptocurrency wallet drainters or malware chargers and phishing kits targeting the credit card and personal information.”
Since the emergence of the first version of Chatgpt, security researchers warn against AI tools lowering the barrier of cybercrime.
At the beginning, threat actors used a generative AI to develop convincing phishing emails or write malware code quickly and efficiently. However, since websites have also started to integrate AI, criminals have found a new toy with which to play.
In February 2025, Proofpoint claims to have seen a campaign by taking advantage of the file sharing themes to distribute phishing identification information, which included “hundreds of thousands of messages” and had an impact on more than 5,000 organizations.
Fortunately, Lovable is not sitting, hands crossed. A phishing cluster of identification with hundreds of domains was removed by the adorable the same week that it was reported.
The company also told Proofpoint that it had recently implemented the IA -oriented security protections to make the construction sites of construction impossible, including real -time detections to prevent the creation of malicious websites, users invite the automated tool and daily digitization of published projects to report potentially fraudulent projects.
