Sublime Core Feed | Sublime Security

Sublime Core Feed
Login to Sublime
Sublime Core FeedThis repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.
Sublime Security
Last updated Jan 16th, 2026
Feed Source
GitHub
Attack Type is
Rule Name & Severity
Last Updated
Attachment: Legal themed message or PDF with suspicious indicators
Sublime Security
4d ago
Jan 12th, 2026
Credential Phishing
Extortion
BEC/Fraud
Evasion
PDF
Social engineering
Content analysis
File analysis
Natural Language Understanding
Optical Character Recognition
URL analysis
Whois
Header analysis
Exif analysis
Credential Phishing
Extortion
BEC/Fraud
Evasion
PDF
Social engineering
Content analysis
File analysis
Natural Language Understanding
Optical Character Recognition
URL analysis
Whois
Header analysis
Exif analysis
/feeds/core/detection-rules/attachment-legal-themed-message-or-pdf-with-suspicious-indicators-19133301
Brand impersonation: Vanguard
Sublime Security
3mo ago
Sep 22nd, 2025
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Impersonation: Brand
Natural Language Understanding
Header analysis
Sender analysis
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Impersonation: Brand
Natural Language Understanding
Header analysis
Sender analysis
/feeds/core/detection-rules/brand-impersonation-vanguard-3bd048fe
Brand impersonation: WeTransfer
Sublime Security
5mo ago
Aug 5th, 2025
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Impersonation: Brand
Content analysis
Header analysis
Sender analysis
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Impersonation: Brand
Content analysis
Header analysis
Sender analysis
/feeds/core/detection-rules/brand-impersonation-wetransfer-e37885ad
Encrypted Microsoft Office files from untrusted sender
Sublime Security
5mo ago
Aug 5th, 2025
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Encryption
Evasion
File analysis
YARA
Sender analysis
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Encryption
Evasion
File analysis
YARA
Sender analysis
/feeds/core/detection-rules/encrypted-microsoft-office-files-from-untrusted-sender-eb7b26e7
Extortion / sextortion in attachment from untrusted sender
Sublime Security
5mo ago
Aug 5th, 2025
Extortion
Social engineering
Spoofing
Computer Vision
Content analysis
File analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Extortion
Social engineering
Spoofing
Computer Vision
Content analysis
File analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
/feeds/core/detection-rules/extortion-sextortion-in-attachment-from-untrusted-sender-3cb8d32c
Extortion / sextortion (untrusted sender)
Sublime Security
28d ago
Dec 19th, 2025
Extortion
Social engineering
Spoofing
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
Extortion
Social engineering
Spoofing
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
/feeds/core/detection-rules/extortion-sextortion-untrusted-sender-265913eb
Mismatched links: Free file share with urgent language
Sublime Security
5mo ago
Aug 5th, 2025
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Free file host
Social engineering
Natural Language Understanding
Sender analysis
URL analysis
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Free file host
Social engineering
Natural Language Understanding
Sender analysis
URL analysis
/feeds/core/detection-rules/mismatched-links-free-file-share-with-urgent-language-478334c8
Potential prompt injection attack in body HTML
Sublime Security
4d ago
Jan 12th, 2026
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
BEC/Fraud
Evasion
Social engineering
Header analysis
HTML analysis
Content analysis
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
BEC/Fraud
Evasion
Social engineering
Header analysis
HTML analysis
Content analysis
/feeds/core/detection-rules/potential-prompt-injection-attack-in-body-html-5fb24736
Service Abuse: GoDaddy infrastructure
Sublime Security
9d ago
Jan 7th, 2026
Callback Phishing
Extortion
Evasion
Natural Language Understanding
Content analysis
Callback Phishing
Extortion
Evasion
Natural Language Understanding
Content analysis
/feeds/core/detection-rules/service-abuse-godaddy-infrastructure-8a2dd357
Suspicious Links to Cloudflare R2 and Edge Services
Sublime Security
4d ago
Jan 12th, 2026
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Free file host
Header analysis
Sender analysis
URL analysis
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Free file host
Header analysis
Sender analysis
URL analysis
/feeds/core/detection-rules/suspicious-links-to-cloudflare-r2-and-edge-services-5dd3e5c8
10 Rules