diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 76e932d..69e020d 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -16690,7 +16690,7 @@
 "value": "HikkI-Chan"
 },
 {
- "description": "Earth Baxia is a threat actor opearting ot of China, targeting government organizations in Taiwan and potentially across the APAC region, using spear-phishing emails and exploiting the GeoServer vulnerability CVE-2024-36401 for remote code execution, deploying customized Cobalt Strike components with altered signatures, leveraging GrimResource and AppDomainManager injection techniques to deliver additional payloads, and utilizing a new backdoor named EAGLEDOOR for multi-protocol communication and payload delivery.",
+ "description": "Earth Baxia is a threat actor opearting out of China, targeting government organizations in Taiwan and potentially across the APAC region, using spear-phishing emails and exploiting the GeoServer vulnerability CVE-2024-36401 for remote code execution, deploying customized Cobalt Strike components with altered signatures, leveraging GrimResource and AppDomainManager injection techniques to deliver additional payloads, and utilizing a new backdoor named EAGLEDOOR for multi-protocol communication and payload delivery.",
 "meta": {
 "country": "CN",
 "refs": [
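Review bot: The added `description` line still contains the misspelling `opearting`, so the sentence this commit sets out to correct remains wrong after the `ot` → `out` fix. Change the opening to `"description": "Earth Baxia is a threat actor operating out of China, ...` in the same edit, leaving the rest of the string as it is. Cluster descriptions are searched and displayed verbatim by consumers of this file, so a misspelt word here is a missed keyword match for an analyst. The entry's `meta` object and its `refs` array start inside the hunk and continue outside it.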