Public phishing feed: suspicious/confirmed phishing URLs detected hourly. No auth, CC0.
IOCs (URLs, domains, IPs, hashes) shared by the infosec community on X/Twitter. No auth, CC0.