diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index be56889..ee8df94 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -13579,6 +13579,16 @@
       },
       "uuid": "99d188cf-31e5-440d-a114-297cb2242d73",
       "value": "Red-Lili"
+    },
+    {
+      "description": "Wildcard is a threat actor that initially targeted Israel's educational sector with the SysJoker malware. They have since expanded their operations and developed additional malware variants, disguised as legitimate software, including one written in the Rust programming language called RustDown. Their precise identity remains unknown, but they have shown advanced capabilities and a focus on critical sectors within Israel.",
+      "meta": {
+        "refs": [
+          "https://intezer.com/blog/research/wildcard-evolution-of-sysjoker-cyber-threat/"
+        ]
+      },
+      "uuid": "dc8a7137-f56e-41db-a500-920e69fa29f5",
+      "value": "WildCard"
     }
   ],
   "version": 295