Sublime Core Feed

This repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.

Sublime Security

Last updated Jan 23rd, 2026

Feed Source

GitHub

Detection Method is

Rule Name & Severity	Author	Last Updated	Labels
New link domain (<=10d) from untrusted sender	Sublime Security	6mo ago Jul 16th, 2025	Credential Phishing Malware/Ransomware Sender analysis URL analysis Whois	/feeds/core/detection-rules/new-link-domain-less10d-from-untrusted-sender-4805b0e6
Newly registered sender or reply-to domain with newly registered linked domain	Sublime Security	5mo ago Aug 5th, 2025	BEC/Fraud Credential Phishing Malware/Ransomware Social engineering Header analysis URL analysis Whois	/feeds/core/detection-rules/newly-registered-sender-or-reply-to-domain-with-newly-registered-linked-domain-e5b6a81f
Notion suspicious file share	Sublime Security	6mo ago Jul 16th, 2025	Credential Phishing Malware/Ransomware Evasion Free file host Content analysis Sender analysis URL analysis	/feeds/core/detection-rules/notion-suspicious-file-share-f7307929
Open redirect: adnxs.com	Sublime Security	5mo ago Aug 5th, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-adnxscom-7fc92916
Open redirect: agena-smile.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-agena-smilecom-4a8ebce6
Open redirect: amaterasu-for-website-5.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-amaterasu-for-website-5com-d31f7cb8
Open redirect: api.spently.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-apispentlycom-69740e97
Open redirect: Artisteer	Sublime Security	8mo ago May 23rd, 2025	Credential Phishing Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-artisteer-1f65eec3
Open redirect: artkaderne	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-artkaderne-cc16a3f4
Open Redirect: asemailmgmteu.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-asemailmgmteucom-368871ea
Open redirect: astroarts.co.jp	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-astroartscojp-6dd617af
Open redirect: Atdmt	@vector_sec	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect URL analysis	/feeds/core/detection-rules/open-redirect-atdmt-fafbd230
Open redirect: Avast	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-avast-5f635658
Open redirect: bananaguide.com	Sublime Security	5mo ago Aug 5th, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-bananaguidecom-92fecf26
Open redirect: bangkoksync.com	Sublime Security	5mo ago Aug 5th, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-bangkoksynccom-e1449ccd
Open redirect: bestdeals.today	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-bestdealstoday-666de100
Open redirect: Bitrix24 URL Path	Sublime Security	5mo ago Aug 5th, 2025	Credential Phishing Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-bitrix24-url-path-e3c85e59
Open redirect: BMW USA	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-bmw-usa-1bf4e69a
Open redirect: bubblelife.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-bubblelifecom-53c9b893
Open redirect: buildingengines.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-buildingenginescom-93df711e
Open redirect: business.google.com website_shared URL Param	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-businessgooglecom-websiteshared-url-param-f146be73
Open redirect: Cartoon Network	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Spam Open redirect Evasion Content analysis URL analysis	/feeds/core/detection-rules/open-redirect-cartoon-network-7435e057
Open redirect: chkc.com.hk	Sublime Security	5mo ago Aug 5th, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-chkccomhk-aa683479
Open redirect: City of Calgary	Sublime Security	8mo ago May 23rd, 2025	Credential Phishing Exploit Open redirect Social engineering Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-city-of-calgary-00321858
Open redirect: Club-OS	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-club-os-c6286914
Open redirect: convertcart.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-convertcartcom-deab563d
Open redirect: Dell	Sublime Security	8mo ago May 23rd, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-dell-718c2b0f
Open redirect: designsori.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-designsoricom-4c38ff47
Open redirect: documentmailbox.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-documentmailboxcom-9b2e9179
Open redirect: Doubleclick.net	Sublime Security	8mo ago May 23rd, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-doubleclicknet-9c620146
Open redirect: eaoko.org	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-eaokoorg-f8fd9912
Open redirect: easycamp.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-easycampcom-f05d377d
Open redirect: embluemail.com	Sublime Security	5mo ago Aug 5th, 2025	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-embluemailcom-48c5abd3
Open redirect: emlakarsa	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-emlakarsa-ce5d5b63
Open redirect: emp.eduyield.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-empeduyieldcom-860e1381
Open redirect: eodcnetworkdirect.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-eodcnetworkdirectcom-ef31283e
Open redirect: events.csiro.au	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-eventscsiroau-836f9a98
Open redirect: ExacTag	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-exactag-5e40ea99
Open redirect: fenc.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-fenccom-6ff1ab52
Open redirect: g7.fr	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-g7fr-4a8dbc58
Open redirect: giving.lluh.org	Sublime Security	8mo ago May 23rd, 2025	Credential Phishing Evasion Open redirect Social engineering Content analysis Header analysis Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-givinglluhorg-a2bf1099
Open redirect (go2.aspx) leading to Microsoft credential phishing	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Impersonation: Brand Open redirect Content analysis Header analysis URL analysis	/feeds/core/detection-rules/open-redirect-go2aspx-leading-to-microsoft-credential-phishing-51667096
Open redirect: Google Ad Services	Sublime Security	2y ago May 10th, 2024	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-google-ad-services-9f91d33b
Open Redirect: Google domain with /url path and suspicious indicators	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Evasion Open redirect Computer Vision Content analysis File analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-google-domain-with-url-path-and-suspicious-indicators-fc5adf74
Open redirect: Google Web Light	@ajpc500	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-google-web-light-e185b530
Open redirect: HHS	Sublime Security	3y ago Aug 21st, 2023	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-hhs-c2d8cda9
Open redirect: ijf.org	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-ijforg-aa07b31a
Open redirect: Indeed	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-indeed-98ce5477
Open redirect: IndiaTimes	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-indiatimes-d5e2ca78
Open redirect: isadatalab.com	Sublime Security	12d ago Jan 12th, 2026	Credential Phishing Malware/Ransomware Open redirect Sender analysis URL analysis	/feeds/core/detection-rules/open-redirect-isadatalabcom-344fb612

369 Rules

Page 5 of 8