Sublime Core Feed

This repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.

Sublime Security

Last updated Mar 9th, 2026

Feed Source

GitHub

Detection Method is

Rule Name & Severity	Author	Last Updated	Labels
Open redirect: Panera Bread	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-panera-bread-91a726a2
Open redirect: people.anuneo.com	Sublime Security	9mo ago May 23rd, 2025	Credential Phishing Evasion Open redirect Social engineering Content analysis Header analysis Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-peopleanuneocom-2ae83b73
Open redirect: phoenixartstudio.net	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-phoenixartstudionet-7b83c3ab
Open redirect: PIRL San Diego	Sublime Security	7mo ago Aug 5th, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-pirl-san-diego-a057d64c
Open redirect: plasticsurgery.or.kr	Sublime Security	7mo ago Aug 5th, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-plasticsurgeryorkr-76dbd946
Open redirect: pmifunds.com	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-pmifundscom-fdc91036
Open redirect: predictiveresponse.net	Sublime Security	7mo ago Aug 5th, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-predictiveresponsenet-3474bb1b
Open redirect: PremierBet	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-premierbet-0ad17224
Open redirect: qrxtech.com	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-qrxtechcom-b790552a
Open redirect: queue.swytchbike.com	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Impersonation: Brand Social engineering Open redirect Header analysis URL analysis Sender analysis	/feeds/core/detection-rules/open-redirect-queueswytchbikecom-916003d1
Open redirect: radiopublic.com	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-radiopubliccom-2cb3f7a0
Open redirect: retailrocket.net	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-retailrocketnet-0e00e7cb
Open redirect: ringaraja.net	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-ringarajanet-4d9594f4
Open redirect: Samsung	Sublime Security	7mo ago Aug 5th, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-samsung-164ece9a
Open redirect: sciencebuddies.org	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-sciencebuddiesorg-019317d4
Open redirect: secondstreetapp.com	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-secondstreetappcom-6767888d
Open redirect: Shibboleth SSO Logout Return Parameter	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Open redirect Evasion HTML analysis URL analysis Sender analysis	/feeds/core/detection-rules/open-redirect-shibboleth-sso-logout-return-parameter-374b7517
Open redirect: shoppermeet.net	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-shoppermeetnet-fe105c91
Open redirect: shoppingwebapi.didatravel.com	Sublime Security	7mo ago Aug 5th, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-shoppingwebapididatravelcom-ac452abf
Open redirect: Signature Travel Network	Sublime Security	9mo ago May 23rd, 2025	Credential Phishing Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-signature-travel-network-c92e3202
Open redirect: Slack	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-slack-1b15f4a3
Open redirect: slubnaglowie.pl	Sublime Security	9mo ago May 23rd, 2025	Credential Phishing Evasion Open redirect Social engineering Content analysis Header analysis Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-slubnaglowiepl-2ec356d0
Open redirect: smartadserver.com	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-smartadservercom-27e5a585
Open redirect: smore.com	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-smorecom-666cb33d
Open redirect: Snapchat	@vector_sec	3y ago Dec 20th, 2023	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-snapchat-6f363e68
Open redirect: social.bigpress.net	Sublime Security	7mo ago Aug 5th, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-socialbigpressnet-7a994083
Open redirect: ssg-financial.com	Sublime Security	7mo ago Aug 5th, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-ssg-financialcom-604a48f1
Open redirect: stats.lib.pdx.edu	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-statslibpdxedu-0fe96183
Open redirect: storematch.jp	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-storematchjp-849bfbb8
Open redirect: Ticketmaster	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-ticketmaster-a5b3901f
Open redirect: TikTok	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-tiktok-d231d135
Open redirect: tkqlhce.com	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-tkqlhcecom-44eef073
Open redirect: tuttocauzioni.it	Sublime Security	7mo ago Aug 5th, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-tuttocauzioniit-6c0b2cb9
Open redirect: typedrawers.com	Sublime Security	9mo ago May 23rd, 2025	Credential Phishing Evasion Open redirect QR code Social engineering Content analysis File analysis QR code analysis Sender analysis	/feeds/core/detection-rules/open-redirect-typedrawerscom-158d9e95
Open redirect: unitedwaynwvt.org	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-unitedwaynwvtorg-da6eb27a
Open redirect: ust.hk	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-usthk-700a19fb
Open redirect: vconfex.com	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-vconfexcom-877de339
Open redirect: VK	@vector_sec	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-vk-6ebd6d42
Open redirect: weblinkconnect.com	Sublime Security	7mo ago Aug 5th, 2025	Credential Phishing Evasion Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-weblinkconnectcom-967f7a11
Open redirect: whitefox.pl	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-whitefoxpl-18b74a2a
Open redirect: Xfinity CMP Redirection to Google AMP	Sublime Security	7mo ago Aug 5th, 2025	Credential Phishing Open redirect Evasion Header analysis URL analysis Sender analysis	/feeds/core/detection-rules/open-redirect-xfinity-cmp-redirection-to-google-amp-c0805b80
Open redirect: xfinity.com	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-xfinitycom-7b9012fa
Open redirect: YouTube	@vector_sec	2y ago Apr 24th, 2024	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-youtube-fb33bffe
Open redirect: YouTube --> Google Redirection Chain	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-youtube-greater-google-redirection-chain-67823fac
PayPal invoice abuse	Sublime Security	27d ago Feb 11th, 2026	BEC/Fraud Callback Phishing Evasion Social engineering Content analysis Header analysis Sender analysis	/feeds/core/detection-rules/paypal-invoice-abuse-0ff7a0d4
Punycode sender domain	Sublime Security	3y ago Aug 21st, 2023	Credential Phishing Malware/Ransomware Evasion Lookalike domain Punycode Social engineering Sender analysis	/feeds/core/detection-rules/punycode-sender-domain-bc3d8db5
QR code to auto-download of a suspicious file type (unsolicited)	Sublime Security	4mo ago Oct 17th, 2025	Malware/Ransomware Evasion LNK Social engineering Archive analysis File analysis Sender analysis URL analysis QR code analysis	/feeds/core/detection-rules/qr-code-to-auto-download-of-a-suspicious-file-type-unsolicited-eed87ea2
QR Code with suspicious indicators	Sublime Security	1mo ago Jan 12th, 2026	Credential Phishing QR code Social engineering Content analysis Header analysis Computer Vision Natural Language Understanding QR code analysis Sender analysis URL analysis	/feeds/core/detection-rules/qr-code-with-suspicious-indicators-04f5c34f
Reconnaissance: All recipients cc/bcc'd or undisclosed	Sublime Security	1mo ago Feb 5th, 2026	Reconnaissance Content analysis Header analysis Sender analysis	/feeds/core/detection-rules/reconnaissance-all-recipients-ccbccd-or-undisclosed-420f60d3
Reconnaissance: Email address harvesting attempt	Sublime Security	15d ago Feb 23rd, 2026	BEC/Fraud Credential Phishing Spam Free email provider Social engineering Content analysis Header analysis Sender analysis URL analysis	/feeds/core/detection-rules/reconnaissance-email-address-harvesting-attempt-bb31efbc

618 Rules

Page 10 of 13