diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index afe7479b..cc3548a3 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -17120,6 +17120,23 @@
       },
       "uuid": "0c18304e-e65f-4881-94e1-cc2d621ec563",
       "value": "DarkRaaS"
+    },
+    {
+      "description": "BLACKMETA is a pro-Palestinian hacktivist group that has claimed responsibility for a series of DDoS attacks and data breaches targeting organizations perceived as supportive of Israel, including the Internet Archive and various entities in the UAE and Saudi Arabia. The group employs DDoS attacks, website defacement, and data exfiltration, with motivations rooted in political ideology and retribution for perceived injustices against Palestinians. Their operations have been linked to a Telegram channel, where they publicize their activities and collaborate with other hacktivist groups. Additionally, they have been attributed to significant cyber disruptions, including a 100-hour DDoS campaign against a UAE bank, showcasing their operational capabilities.",
+      "meta": {
+        "country": "PS",
+        "refs": [
+          "https://thecyberexpress.com/sn-blackmeta-claim-snapchat-cyberattack/",
+          "https://www.radware.com/security/threat-advisories-and-attack-reports/six-day-web-ddos-attack-campaign/",
+          "https://securityboulevard.com/?p=2033037",
+          "https://socradar.io/internet-archive-data-breach-and-ddos-attacks/"
+        ],
+        "synonyms": [
+          "SN Blackmeta"
+        ]
+      },
+      "uuid": "969753d8-3cc9-43a2-9b8d-753d2bb385b4",
+      "value": "Blackmeta"
     }
   ],
   "version": 318