Lovable, a prominent AI website builder, is currently facing significant challenges as cybersecurity experts reveal that hackers are exploiting the platform to create phishing sites. Since February 2025, researchers at Proofpoint have reported that “tens of thousands” of Lovable URLs have been utilized in various malicious campaigns, primarily targeting organizations through phishing emails.
According to Proofpoint, cybercriminals are increasingly leveraging Lovable to develop and host credential phishing sites, malware, and other fraudulent websites. The report highlights a worrying trend where adversaries are using the AI capabilities of Lovable to enhance their cybercriminal activities.
Rising Threats and Countermeasures
Proofpoint noted that multiple campaigns are using Lovable services to distribute sophisticated phishing kits, including those designed to bypass multifactor authentication (MFA). These kits, such as Tycoon, can drain cryptocurrency wallets or extract sensitive personal and credit card information from unsuspecting users. In February alone, the report documented a campaign involving file-sharing themes that resulted in “hundreds of thousands of messages” sent to over 5,000 organizations.
Security researchers have expressed concerns about the lowering barriers to entry for cybercriminals since the introduction of AI tools. Initially, these tools enabled threat actors to craft convincing phishing emails and quickly write malware code. The integration of AI into website building has offered them a new avenue for their illicit activities.
Lovable is actively responding to these threats. After learning about one extensive credential phishing cluster that involved hundreds of domains, the company took swift action to dismantle it within the same week of the report. Additionally, Lovable has implemented several proactive security measures to combat the misuse of its platform.
Enhanced Security Measures
The company has introduced AI-driven security protections designed to prevent the creation of phishing sites. These measures include real-time detection capabilities that monitor user prompts while they interact with the tool, as well as automated daily scans of published projects to identify potentially fraudulent activities.
As cybersecurity threats continue to evolve, Lovable aims to stay ahead of the curve by enhancing its security protocols and actively engaging with security researchers. The ongoing battle against cybercrime highlights the necessity for continuous innovation in cybersecurity practices to protect users and organizations from emerging threats.
In an era where technology is increasingly intertwined with daily operations, the need for robust security measures is more critical than ever. Lovable’s efforts to combat phishing and malware through advanced AI security measures reflect the challenges many tech companies face in safeguarding their platforms against exploitation.
The situation underscores a broader issue within the tech landscape: as tools become more accessible, the potential for misuse increases. Lovable’s response could serve as a model for other organizations grappling with similar challenges.
