Our AI chatbot passed every prompt injection test we threw at it. Then we just asked it nicely for customer data, and it happily obliged.

New from our ASMOC team, how a vibe-coded website with LLM became a high-risk finding on a client's attack surface.

https://blog.blacklanternsecurity.com/p/artificial-foolishness-the-hidden

🚀red-run 2.0 is live. Key updates:
Claude Code agent teams: each agent in its own tmux pane; hit Esc to pause or redirect in real time
New state-mgr teammate tracks findings and keeps the attack graph current
Still a lean, lab-focused CTF solver.

https://open.substack.com/pub/blacklanternsecurity/p/red-run-20-agent-teams?r=rbmdk&utm_campaign=post&utm_medium=web&showWelcomeOnShare=true

We've made it to the last question of the month!

We'd like to know: Have you used BBOT's web modules such as spider or lightfuzz? Give us some feedback on those modules if you have.

Swag give-away next week!

It's time for the next question of our OSINT insight quest!

Q2: What is the single biggest missing feature you would like to see in BBOT?

Thx for sharing!

Over the next few weeks we're hoping to gain some insight from the novice & veteran users of subdomain enumeration / OSINT tools via polls.

Q1: What's your favorite OSINT tool?

If your favorite isn't listed, post feedback in the comments.

Thx for participating!