Rule Name & Severity | Author | Last Updated | Labels | |
|---|---|---|---|---|
Attachment: Compensation review lure with QR code | Sublime Security | 11d ago Dec 10th, 2025 | /feeds/core/detection-rules/attachment-compensation-review-lure-with-qr-code-9fd8185c | |
Attachment: Fake voicemail via PDF | Sublime Security | 4mo ago Aug 5th, 2025 | /feeds/core/detection-rules/attachment-fake-voicemail-via-pdf-d3587209 | |
Attachment: HTML smuggling - QR Code with suspicious links | Sublime Security | 5mo ago Jul 16th, 2025 | /feeds/core/detection-rules/attachment-html-smuggling-qr-code-with-suspicious-links-010e757d | |
Attachment: PDF with recipient email in link | Sublime Security | 2mo ago Oct 10th, 2025 | /feeds/core/detection-rules/attachment-pdf-with-recipient-email-in-link-0399d08f | |
Attachment: QR code link with base64-encoded recipient address | Sublime Security | 4mo ago Aug 5th, 2025 | /feeds/core/detection-rules/attachment-qr-code-link-with-base64-encoded-recipient-address-927a0c1a | |
Attachment: QR code with credential phishing indicators | Sublime Security | 3mo ago Sep 4th, 2025 | /feeds/core/detection-rules/attachment-qr-code-with-credential-phishing-indicators-9f1681e1 | |
Attachment: QR code with userinfo portion | Sublime Security | 4mo ago Aug 5th, 2025 | /feeds/core/detection-rules/attachment-qr-code-with-userinfo-portion-9d62cc5c | |
Attachment: SVG files with evasion elements | Sublime Security | 4mo ago Aug 8th, 2025 | /feeds/core/detection-rules/attachment-svg-files-with-evasion-elements-5d2dbb60 | |
Brand impersonation: Adobe (QR code) | Sublime Security | 2mo ago Oct 3rd, 2025 | /feeds/core/detection-rules/brand-impersonation-adobe-qr-code-2fc36c6d | |
Brand impersonation: DocuSign (QR code) | Sublime Security | 2mo ago Oct 15th, 2025 | /feeds/core/detection-rules/brand-impersonation-docusign-qr-code-0b16c28a | |
Brand impersonation: DocuSign with embedded QR code | Sublime Security | 2mo ago Oct 17th, 2025 | /feeds/core/detection-rules/brand-impersonation-docusign-with-embedded-qr-code-f5cde463 | |
Brand Impersonation: Google (QR Code) | Sublime Security | 2mo ago Oct 17th, 2025 | /feeds/core/detection-rules/brand-impersonation-google-qr-code-7ffd184c | |
Brand impersonation: Microsoft (QR code) | Sublime Security | 2mo ago Sep 22nd, 2025 | /feeds/core/detection-rules/brand-impersonation-microsoft-qr-code-ed0f772a | |
Compensation review with QR code in attached EML | Sublime Security | 25d ago Nov 26th, 2025 | /feeds/core/detection-rules/compensation-review-with-qr-code-in-attached-eml-98a2f03c | |
Extortion / Sextortion - PDF attachment leveraging breach data from freemail sender | Sublime Security | 10mo ago Feb 3rd, 2025 | /feeds/core/detection-rules/extortion-sextortion-pdf-attachment-leveraging-breach-data-from-freemail-sender-efb5a213 | |
Link: QR code in EML attachment with credential phishing indicators | Sublime Security | 19d ago Dec 2nd, 2025 | /feeds/core/detection-rules/link-qr-code-in-eml-attachment-with-credential-phishing-indicators-9908ed3a | |
Link: QR code with phishing disposition in img or pdf | Sublime Security | 4mo ago Jul 30th, 2025 | /feeds/core/detection-rules/link-qr-code-with-phishing-disposition-in-img-or-pdf-8e8949f6 | |
Link: QR Code with suspicious language (untrusted sender) | Sublime Security | 4mo ago Jul 30th, 2025 | /feeds/core/detection-rules/link-qr-code-with-suspicious-language-untrusted-sender-25a84d1c | |
Open redirect: typedrawers.com | Sublime Security | 7mo ago May 23rd, 2025 | /feeds/core/detection-rules/open-redirect-typedrawerscom-158d9e95 | |
QR Code with suspicious indicators | Sublime Security | 9d ago Dec 12th, 2025 | /feeds/core/detection-rules/qr-code-with-suspicious-indicators-04f5c34f | |
Service abuse: Monday.com infrastructure with phishing intent | Sublime Security | 3d ago Dec 18th, 2025 | /feeds/core/detection-rules/service-abuse-mondaycom-infrastructure-with-phishing-intent-a346e3b1 |