Sublime Core Feed | Sublime Security

Sublime Core Feed
Login to Sublime
Sublime Core FeedThis repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.
Sublime Security
Last updated Dec 26th, 2025
Feed Source
GitHub
Tactic or Technique is
Rule Name & Severity
Last Updated
Attachment: EML file with IPFS links
Sublime Security
1mo ago
Nov 4th, 2025
Credential Phishing
Evasion
Free file host
Free subdomain host
IPFS
File analysis
URL analysis
Credential Phishing
Evasion
Free file host
Free subdomain host
IPFS
File analysis
URL analysis
/feeds/core/detection-rules/attachment-eml-file-with-ipfs-links-1fe9d7e7
Credential phishing: Engaging language with IPFS link
Sublime Security
2y ago
May 3rd, 2024
Credential Phishing
Free file host
Free subdomain host
IPFS
Content analysis
Natural Language Understanding
URL analysis
Credential Phishing
Free file host
Free subdomain host
IPFS
Content analysis
Natural Language Understanding
URL analysis
/feeds/core/detection-rules/credential-phishing-engaging-language-with-ipfs-link-996c4d83
Sublime Security
5mo ago
Jul 16th, 2025
Credential Phishing
Malware/Ransomware
Free file host
Free subdomain host
IPFS
Sender analysis
URL analysis
Credential Phishing
Malware/Ransomware
Free file host
Free subdomain host
IPFS
Sender analysis
URL analysis
/feeds/core/detection-rules/link-ipfs-19fa6442
Vendor compromise: GovDelivery message with suspicious link
Sublime Security
5mo ago
Aug 5th, 2025
Credential Phishing
Malware/Ransomware
Free subdomain host
IPFS
Social engineering
Evasion
Impersonation: Brand
Natural Language Understanding
URL analysis
Whois
Credential Phishing
Malware/Ransomware
Free subdomain host
IPFS
Social engineering
Evasion
Impersonation: Brand
Natural Language Understanding
URL analysis
Whois
/feeds/core/detection-rules/vendor-compromise-govdelivery-message-with-suspicious-link-0d2d5172
4 Rules