diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index bb14d1b..1274e6e 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -15269,6 +15269,16 @@
       },
       "uuid": "74268518-8dd9-4223-9f7f-54421463cdb3",
       "value": "GoldFactory"
+    },
+    {
+      "description": "SPIKEDWINE is a threat actor targeting European officials with a new backdoor called WINELOADER. They use a bait PDF document posing as an invitation letter from the Ambassador of India to lure diplomats. The attack is characterized by advanced tactics, techniques, and procedures in the malware and command and control infrastructure. The motivation behind the attacks seems to be exploiting the geopolitical relations between India and European nations.",
+      "meta": {
+        "refs": [
+          "https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader"
+        ]
+      },
+      "uuid": "d3cda6b1-a5da-4afc-bee4-80ea2cf05e5e",
+      "value": "SPIKEDWINE"
     }
   ],
   "version": 302