diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 97cc4f2..b021aa5 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -13849,6 +13849,18 @@
       },
       "uuid": "c9ffcc82-f7ac-46ce-9ea2-91e51d14e11b",
       "value": "Storm-1283"
+    },
+    {
+      "description": "Solntsepek is a threat actor group with ties to the Russian military unit GRU. They have claimed responsibility for a cyberattack on Kyivstar, a Ukrainian mobile operator, and have been linked to previous attacks on Ukrainian infrastructure. Solntsepek has been associated with the Sandworm hacking group, known for their destructive cyberattacks, including the NotPetya worm. They have also engaged in hostile activities, such as revealing personal details of Ukrainian soldiers.",
+      "meta": {
+        "country": "RU",
+        "refs": [
+          "https://kyivindependent.com/sbu-russian-hacker-group-reponsible-for-kyiv-star-cyberattack/",
+          "https://dev.ua/ru/news/atakovali-suspilne-provaiderov-i-minrazvitiya-obschin-kto-stoit-za-rossiiskoi-gruppirovkoi-solntsepek-kotoraya-aktivizirovala-napadeniya-na-ukrainskie-struktury"
+        ]
+      },
+      "uuid": "0b792fbe-87c2-42c5-8d0d-97c7d47078b5",
+      "value": "Solntsepek"
     }
   ],
   "version": 296