Sublime Security

We’re thrilled to announce our $60M series B to build the new standard for email security! ????? Thank you to our customers, community, and partners for trusting us. We could not be more excited to build the future of email security with you. Thank you to our investors for believing in our vision. Founder & CEO Josh Kamdjou shares his thoughts on how we got here and where we’re headed next: https://lnkd.in/gJqhpTdj

Most cyber founders end up tackling a problem they faced in a previous role as a defender. Josh Kamdjou of Sublime Security decided to tackle a problem he found too easy to exploit as an attacker. In the latest episode of Secure Ventures with Kyle McNulty we discuss his journey to becoming an email security founder and how they decided to rethink the data feeding their platform. Huge thanks to our sponsor, VulnCheck! Episode link in comments.

We’ve observed an uptick in SVG file abuse to deliver email attacks. SVGs are XML-based image files designed for scalability and interactivity, and attackers are leveraging this flexibility to smuggle in malicious code. Learn about a recent attack campaign we detected that used harmless-looking SVGs to smuggle in malicious JS to launch an adversary in the middle credential phishing attack: https://lnkd.in/gxyAfBdA

Bad actors will use seasonality as camouflage for their attacks. So while most of us don’t look forward to tax time, scammers *do*, using the influx of tax-related emails as a smoke screen to slip seasonal attacks past security. Learn about some of the attacks that Sublime has already detected this year, including the use of the Tycoon 2FA phishing kit and AdWind malware: https://lnkd.in/gyNg5ewU

We’re excited to announce the release of Topic Modeling, our machine-learning powered, automatic classification system that enhances our detection engine’s efficacy and granularity. Read our blog to learn how it works and how we used LLMs to?help us?build it: https://lnkd.in/gWgRXe-q

“The idea is to blend in with normal behavior, normal traffic to evade detection. The translation to the email layer is leveraging similar types of trusted infrastructure that you see legitimately being sent to and from an organization’s email domain.” Listen to Founder & CEO Josh Kamdjou chat with Patrick Gray on this week’s Risky Business episode where they discuss the recent evolution of service abuse on trusted domains like Docusign, attacker adaptation, and how Sublime keeps up. The conversation starts at 40:28: https://risky.biz/RB778/

Who's headed to Wild West Hackin' Fest this week? Come meet the Sublime team at Booth 17 to talk all things #emailsecurity! Ford Anderson Eric G. https://lnkd.in/ePbfx6U

With two-factor authentication (2FA), attackers need to steal more than just login credentials to hijack an account. In a recent credential phishing attack, bad actors attempted to harvest Charles Schwab account holder 2FA tokens along with login credentials in order to bypass that added layer of security. Learn about the attack and the signals we used to detect it:?https://lnkd.in/gMk3b3eX

Mass volume email attack campaigns are often customized to the recipient to increase legitimacy. We recently improved our campaign grouping algorithm to be better at identifying similar messages in a campaign to cut review time, reduce alerts, and boost herd immunity. Read how it works here: https://lnkd.in/gtTQ56Pg

We've dropped a detection rule for Sublime Security customers and CVE-2025-21298, and added a POC to trigger the memory corruption bug.