diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 6dc1add..8ead5ee 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -13210,6 +13210,17 @@
       },
       "uuid": "013f56ea-a441-483f-812c-c384c790e474",
       "value": "UAC-0006"
+    },
+    {
+      "description": "NewsPenguin is threat actor that has been targeting organizations in Pakistan. They use a complex payload delivery mechanism and exploit the upcoming Pakistan International Maritime Expo & Conference as a lure to trick their victims. The group has been linked to a phishing campaign that leverages spear-phishing emails and weaponized documents to deliver an advanced espionage tool.",
+      "meta": {
+        "refs": [
+          "https://www.rewterz.com/rewterz-news/rewterz-threat-alert-newspenguin-threat-actors-targeting-pakistani-entities-with-malicious-campaign-active-iocs",
+          "https://blogs.blackberry.com/en/2023/02/newspenguin-a-previously-unknown-threat-actor-targets-pakistan-with-advanced-espionage-tool"
+        ]
+      },
+      "uuid": "4c4a8cb7-b4c4-4637-8e41-dfe19a6b40c7",
+      "value": "NewsPenguin"
     }
   ],
   "version": 294