A CISO's Guide to the Business Risks of AI Development Platforms | UpGuard

This report warns that AI "vibe-coding" and app-generation platforms are being weaponized to create pixel-perfect, large-scale phishing campaigns—abusing services like v0.dev, Lovable, and Replit to host deceptive sites and backend capture logic—resulting in credential theft, AiTM attacks, and SOC alert overload; it concludes with a four-pillar CISO playbook (proactive monitoring, AI vendor governance, machine-speed IR/takedowns, and phishing-resistant FIDO2/WebAuthn MFA).