diff --git a/clusters/tool.json b/clusters/tool.json
index 64d3048..8737a0e 100644
--- a/clusters/tool.json
+++ b/clusters/tool.json
@@ -8570,7 +8570,29 @@
       },
       "uuid": "0bdb6f1c-1229-4556-a535-7444ddfbd7a9",
       "value": "GootLoader"
+    },
+    {
+      "description": "BumbleBee is a modular backdoor that comprises two applications, a server and a client application (a master and slaver application, respectively in the malware’s jargon). Once the client application is deployed on the target computer (these are commonly local government devices), threat actors can control the machine using the server module. Let us take a deeper look into this backdoor.",
+      "meta": {
+        "refs": [
+          "https://www.trendmicro.com/en_us/research/22/i/buzzing-in-the-background-bumblebee-a-new-modular-backdoor-evolv.html"
+        ],
+        "type": [
+          "backdoor"
+        ]
+      },
+      "related": [
+        {
+          "dest-uuid": "96b2b31e-b191-43c4-9929-48ba1cbee62c",
+          "tags": [
+            "estimative-language:likelihood-probability=\"likely\""
+          ],
+          "type": "related-to"
+        }
+      ],
+      "uuid": "6fc4beee-b922-4d25-833d-8fb574a3c56e",
+      "value": "BumbleBee"
     }
   ],
-  "version": 153
+  "version": 154
 }