• Sublime Core Feed

Sublime Core Feed

This repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.

Sublime Security
Last updated Apr 3rd, 2026
Feed Source
GitHub
Attack Type is
Rule Name & Severity
Author
Last Updated
Labels
Attachment: Legal themed message or PDF with suspicious indicators
Sublime Security
8h ago
Apr 3rd, 2026
Credential Phishing
Extortion
BEC/Fraud
Evasion
PDF
Social engineering
Content analysis
File analysis
Natural Language Understanding
Optical Character Recognition
URL analysis
Whois
Header analysis
Exif analysis
Brand impersonation: Vanguard
Sublime Security
6mo ago
Sep 22nd, 2025
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Impersonation: Brand
Natural Language Understanding
Header analysis
Sender analysis
Brand impersonation: WeTransfer
Sublime Security
8mo ago
Aug 5th, 2025
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Impersonation: Brand
Content analysis
Header analysis
Sender analysis
Encrypted Microsoft Office files from untrusted sender
Sublime Security
8mo ago
Aug 5th, 2025
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Encryption
Evasion
File analysis
YARA
Sender analysis
Extortion / sextortion in attachment from untrusted sender
Sublime Security
8mo ago
Aug 5th, 2025
Extortion
Social engineering
Spoofing
Computer Vision
Content analysis
File analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Extortion / sextortion (untrusted sender)
Sublime Security
2mo ago
Jan 22nd, 2026
Extortion
Social engineering
Spoofing
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
Impersonation: Legal firm with copyright infringement notice
Sublime Security
25d ago
Mar 10th, 2026
BEC/Fraud
Extortion
Impersonation: Brand
Social engineering
Content analysis
Header analysis
Sender analysis
Mismatched links: Free file share with urgent language
Sublime Security
8mo ago
Aug 5th, 2025
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Free file host
Social engineering
Natural Language Understanding
Sender analysis
URL analysis
Potential prompt injection attack in body HTML
Sublime Security
2mo ago
Jan 12th, 2026
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
BEC/Fraud
Evasion
Social engineering
Header analysis
HTML analysis
Content analysis
Service Abuse: GoDaddy infrastructure
Sublime Security
2mo ago
Jan 7th, 2026
Callback Phishing
Extortion
Evasion
Natural Language Understanding
Content analysis
Suspicious Links to Cloudflare R2 and Edge Services
Sublime Security
2mo ago
Jan 12th, 2026
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Free file host
Header analysis
Sender analysis
URL analysis
11 Rules