diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 9e8a144..3d2a291 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -13744,6 +13744,19 @@
       },
       "uuid": "d869486a-ec70-4a74-897e-31aa7b3df48d",
       "value": "UAC-0118"
+    },
+    {
+      "description": "UAC-0050 is a threat actor that has been active since 2020, targeting government agencies in Ukraine. They have been distributing the Remcos RAT malware through phishing campaigns, using tactics such as impersonating the Security Service of Ukraine and sending emails with malicious attachments. The group has also been linked to other hacking collectives, such as UAC-0096, and has previously used remote administration tools like Remote Utilities. The motive behind their attacks is likely espionage.",
+      "meta": {
+        "refs": [
+          "https://cert.gov.ua/article/3931296",
+          "https://socprime.com/blog/remcos-rat-detection-uac-0050-hackers-launch-phishing-attacks-impersonating-the-security-service-of-ukraine/",
+          "https://socprime.com/blog/new-phishing-attack-detection-attributed-to-the-uac-0050-and-uac-0096-groups-spreading-remcos-spyware/",
+          "https://cert.gov.ua/article/3804703"
+        ]
+      },
+      "uuid": "e3ff56b6-2663-46bd-9e5c-017a350896d9",
+      "value": "UAC-0050"
     }
   ],
   "version": 295