Sublime Security Blog

Blog URL

sublime.security/blog

Posts YTD

1 ↓ vs 3 last year

Avg Posts/Month

2.1 since 2025

Monthly Post Volume

Start year: 2023 2024 2025 2026

Post Details

Search:

Title	Author	Published	Words	HN Pts
Everything old is new again: 3 trends from Black Hat USA, BSides …	Andrew Becherer	2025-08-18	832	--
Key findings from the Q1 2025 Sublime Email Threat Research Report	Machine Learning Team	2025-04-28	580	--
Tycoon 2FA credential phishing with cloned internal employee login	Peter Djordjevic	2025-03-27	702	--
Direct Send abuse on Microsoft 365: Just another failed authentication	Peter Djordjevic	2025-10-23	1,629	--
Microsoft OAuth URL used as redirect to AITM credential phishing site	Brandon Murphy	2025-03-20	632	--
Email bomb detection and prevention with Sublime	Dr. Anna Bertiger	2025-08-28	855	--
Detecting an email-based ClickFix attack that delivers DCRat malware payload	Josh "Soup" Campbell	2025-05-29	898	--
Hiding a $50,000 BEC financial fraud in a fake email thread	Sam Scholten	2025-01-07	825	--
Tax season email attacks: AdWind RATs and Tycoon 2FA phishing kits	Brandon Webster	2025-02-18	1,326	--
How ASA thinks: The technical architecture of Sublime's Autonomous Security Analyst	Aryan Luthra	2025-05-15	1,573	--
5 email security trends from 2025	Brian Baskin	2025-12-29	785	--
Figma abuse from compromised vendor used in credential theft attack	Sam Scholten	2025-04-30	475	--
Sublime NLU 3.0: Faster, more accurate, future-proof defense against AI email attacks	Aryan Luthra	2025-08-13	905	--
You've been invited to join a Meta for Business scam!	Luke Wescott	2025-11-21	872	--
Elastic + Sublime: Adding email to your security and observability stack	AJ Williams	2025-04-17	749	--
Introducing ASA: The Autonomous Security Analyst for email	AJ Williams	2025-04-23	536	--
ICS phishing: Stopping a surge of malicious calendar invites	Ahry Jeon	2025-11-03	1,131	--
Who are you trying to April Fool with that email scam?	Threat Detection Team	2025-04-01	627	--
Seeing both sides of a service abuse financial fraud using YOPmail disposable …	Josh "Soup" Campbell	2025-03-13	659	--
Community Spotlight: Email Detection Rules built by the Sublime Community	Threat Detection Team	2025-06-18	760	--
AITM phishing with Russian infrastructure and detection evasion from a lapsed domain	Brandon Murphy	2025-06-12	3,134	--
Callback phishing with online appointment abuse and distribution lists	Brandon Webster	2025-09-04	727	--
Sublime raises $150M Series C to arm defenders for the post-LLM world	Josh Kamdjou	2025-10-28	346	--
Salesforce infrastructure abuse: Stopping email scams and spam sent via SFDC	Brandon Murphy	2025-11-13	1,011	--
Enhanced message groups: Improving efficiency in email incident response	AJ Williams	2025-01-24	918	--
Google Careers impersonation credential phishing scam with endless variation	Brandon Murphy	2025-10-14	1,261	--
Email Topic Modeling: Simplifying detection with ML-powered granularity	Aryan Luthra	2025-02-07	992	--
TROX Stealer: A deep dive into a new Malware as a Service …	Threat Research Team	2025-04-10	2,586	--
Scripting Vector Grifts: SVG phishing with smuggled JS and adversary in the …	Brandon Murphy	2025-02-25	742	--
Keitaro TDS abused to deliver AutoIT-based loader targeting German speakers	Bryan Campbell	2025-07-24	1,532	--
UK Home Office visa & immigration scam targets Sponsor Management System accounts	Bryan Campbell	2025-10-08	974	--
Living Off Trusted Sites: Zoom service abuse to deliver credential phishing attack	Josh "Soup" Campbell	2025-07-02	521	--
Facebook credential phishing with job scams impersonating well-known companies	Bryan Campbell	2025-10-16	651	--
Evolving our brand as Sublime grows	Omar Jalalzada	2025-12-16	849	--
ScreenConnect as malware via Canva abuse and Docusign impersonation	Brian Baskin	2025-05-08	1,527	--
How to build fast similarity search for email from the ground up	Ross Wolf	2025-12-18	2,932	--
Welcoming Andrew Becherer as Sublime's CISO	Josh Kamdjou	2025-04-21	311	--
Phishing for Xfinity credentials with malicious Zoom Docs	Brandon Webster	2025-07-17	549	--
Sublime's AI agents are just the tip of the platform	Aryan Luthra	2025-12-04	1,460	--
Credential phishing Charles Schwab account holders with 2FA bypass	Aiden Mitchell	2025-01-29	417	--
More than "plausible nonsense": A rigorous eval for ADÃ, our security coding …	Bobby Filar	2025-09-25	1,673	--
Fake Meta Ads Manager in App Store and TestFlight used to phish …	Brandon Webster	2025-09-23	816	--
$500K financial fraud built on BEC, a domain lookalike, and a fake …	Sam Scholten	2025-04-03	687	--
Using the X/Twitter link shortener (t.co) to hide an AITM credential phishing …	Brandon Webster	2025-06-25	504	--
Multi-RMM attack: Splashtop Streamer and Atera payloads delivered via Discord CDN link	Josh "Soup" Campbell	2025-07-31	600	--
Automatic malicious calendar event remediation	Ahry Jeon	2025-12-09	368	--
Technical deep dive of NLU 3.0: Modular, multi-headed, with advanced synthetic training	Stefano Meschiari	2025-08-26	959	--
Impersonated Evite and Punchbowl invitations used for credential phishing and malware distribution	Brandon Webster	2025-10-02	1,071	--
Meet ADÃ: The Autonomous Detection Engineer for email	AJ Williams	2025-09-11	655	--
Base64-encoding an SVG attack within an iframe and hiding it all in …	Sam Scholten	2025-03-06	848	--
HostPapa abuse treasure trove discovered in GoDaddy email threat hunt	Peter Djordjevic	2026-01-06	1,399	--

Plushcap, by Matt Makai. 2021-2026.