Sublime Thoughts

The latest research and attack spotlights.

Get the latest

Sublime releases, detections, blogs, events, and more directly to your inbox.

You're now subscribed. Expect a monthly email from us in your inbox.

Oops! Something went wrong while submitting the form.

Threat Detection

Jun 18, 2025

Community Spotlight: Email Detection Rules built by the Sublime Community

Taking a look at some great Detection Rules written by Sublime Community members

Threat Detection Team

Sublime

Attack Spotlight

Jun 12, 2025

AITM phishing with Russian infrastructure and detection evasion from a lapsed domain

Credential phishing with a once-legitimate domain, layered detection evasion techniques, and Russian infrastructure

Brandon Murphy

Detection

Attack Spotlight

May 29, 2025

Detecting an email-based ClickFix attack that delivers DCRat malware payload

Tricking users with ClickFix to deliver DCRat via fake email thread

Josh "Soup" Campbell

Detection

Machine Learning

May 15, 2025

How ASA thinks: The technical architecture of Sublime’s Autonomous Security Analyst

Learn how we built our agentic AI analyst that’s capable of performing almost all of the same tasks as a human email security analyst

Aryan Luthra

ML Researcher

Attack Spotlight

May 8, 2025

ScreenConnect as malware via Canva abuse and Docusign impersonation

Exploring different ways attackers deliver malicious payloads with Canva

Brian Baskin

Threat Research

Attack Spotlight

Apr 30, 2025

Figma abuse from compromised vendor used in credential theft attack

Credential phishing attack with Figma abuse and vendor compromise

Sam Scholten

Detection

Sublime News

Apr 28, 2025

Key findings from the Q1 2025 Sublime Email Threat Research Report

Increased threat uniqueness, emerging attack vectors, evasion techniques by attack type, and more

Machine Learning Team

Sublime

Sublime News

Apr 23, 2025

Introducing ASA: The Autonomous Security Analyst for email

Sublime launches ASA, an AI analyst that fully automates triage and remediation of user-reported emails

AJ Williams

Product Manager

Sublime News

Apr 21, 2025

Welcoming Andrew Becherer as Sublime’s CISO

Andrew Becherer has joined Sublime as our CISO

Josh Kamdjou

Founder & CEO

Sublime Thoughts

Community Spotlight: Email Detection Rules built by the Sublime Community

Taking a look at some great Detection Rules written by Sublime Community members

AITM phishing with Russian infrastructure and detection evasion from a lapsed domain

Credential phishing with a once-legitimate domain, layered detection evasion techniques, and Russian infrastructure

Detecting an email-based ClickFix attack that delivers DCRat malware payload

Tricking users with ClickFix to deliver DCRat via fake email thread

How ASA thinks: The technical architecture of Sublime’s Autonomous Security Analyst

Learn how we built our agentic AI analyst that’s capable of performing almost all of the same tasks as a human email security analyst

ScreenConnect as malware via Canva abuse and Docusign impersonation

Exploring different ways attackers deliver malicious payloads with Canva

Figma abuse from compromised vendor used in credential theft attack

Credential phishing attack with Figma abuse and vendor compromise

Key findings from the Q1 2025 Sublime Email Threat Research Report

Increased threat uniqueness, emerging attack vectors, evasion techniques by attack type, and more

Introducing ASA: The Autonomous Security Analyst for email

Sublime launches ASA, an AI analyst that fully automates triage and remediation of user-reported emails

Welcoming Andrew Becherer as Sublime’s CISO

Andrew Becherer has joined Sublime as our CISO

Now is the time.