diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 7ceed02..4f5d076 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -14155,6 +14155,21 @@
       },
       "uuid": "79a347d9-1938-4550-8836-98e4ed95f77c",
       "value": "Denim Tsunami"
+    },
+    {
+      "description": "Blue Tsunami, also known as Black Cube, is a cyber mercenary group associated with the private intelligence firm Black Cube. They target individuals in various industries, including human rights, finance, and consulting. Blue Tsunami engages in social engineering and uses techniques such as honeypot profiles, fake jobs, and fake companies to gather human intelligence for their clients. LinkedIn and Microsoft recently took down numerous fake accounts and company pages linked to Blue Tsunami.",
+      "meta": {
+        "country": "IL",
+        "refs": [
+          "https://precisionpconline.com/a-unified-front-against-cyber-mercenaries/",
+          "https://www.microsoft.com/en-us/security/blog/2023/11/09/microsoft-shares-threat-intelligence-at-cyberwarcon-2023/"
+        ],
+        "synonyms": [
+          "Black Cube"
+        ]
+      },
+      "uuid": "46104ded-49f5-4440-bd25-e05c1126f0ba",
+      "value": "Blue Tsunami"
     }
   ],
   "version": 298