diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index de7435e..9e8a144 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -13728,6 +13728,22 @@
 },
 "uuid": "e883458d-496f-4a94-b916-4b7b83e3d525",
 "value": "DEV-0569"
+ },
+ {
+ "description": "From Russia with Love, is a threat actor group that emerged during the Russia-Ukraine war in 2022. They primarily engage in DDoS attacks and have targeted critical infrastructure, media, energy, and government entities. FRwL has been linked to the use of the Somnia ransomware, which they employ as a wiper rather than for financial gain. While there is no direct evidence linking FRwL to the Russian Main Intelligence Directorate, it is possible that they coordinate activities with state-aligned hacktivist groups.",
+ "meta": {
+ "refs": [
+ "https://socprime.com/blog/somnia-malware-detection-uac-0118-aka-frwl-launches-cyber-attacks-against-organizations-in-ukraine-using-enhanced-malware-strains/",
+ "https://spixnet.at/cybersecurity-blog/2022/11/15/russian-hacktivists-hit-ukrainian-orgs-with-ransomware-but-no-ransom-demands/",
+ "https://outpost24.com/blog/ics-attack-classifications/"
+ ],
+ "synonyms": [
+ "FRwL",
+ "FromRussiaWithLove"
+ ]
+ },
+ "uuid": "d869486a-ec70-4a74-897e-31aa7b3df48d",
+ "value": "UAC-0118"
 }
 ],
 "version": 295
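Review bot: `"version": 295` is an unchanged context line at the end of the hunk, so the cluster version is not incremented alongside the new UAC-0118 entry. If consumers of this file compare the version to decide whether to re-import the cluster (which appears to be how galaxy updates are picked up), the new actor may not reach them until a later bump; consider `"version": 296` in the same commit. The spelled-out name "From Russia with Love" occurs only in the description, so adding it to `synonyms` next to `FRwL` and `FromRussiaWithLove` would let analysts match reports that use that form. The description's opening, "From Russia with Love, is a threat actor group", also carries a stray comma.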