diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 97fe3eb..f245a4e 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -5751,7 +5751,19 @@
           "https://www.secureworks.com/research/threat-profiles/bronze-mohawk",
           "https://www.mycert.org.my/portal/advisory?id=MA-774.022020",
           "https://www.elastic.co/blog/advanced-techniques-used-in-malaysian-focused-apt-campaign",
-          "https://www.microsoft.com/security/blog/2020/09/24/gadolinium-detecting-empires-cloud/"
+          "https://www.microsoft.com/security/blog/2020/09/24/gadolinium-detecting-empires-cloud/",
+          "https://www.justice.gov/opa/pr/four-chinese-nationals-working-ministry-state-security-charged-global-computer-intrusion",
+          "https://www.justice.gov/opa/press-release/file/1412916/download",
+          "https://www.justice.gov/opa/press-release/file/1412921/download",
+          "https://us-cert.cisa.gov/ncas/alerts/aa21-200a",
+          "https://us-cert.cisa.gov/ncas/alerts/aa21-200b",
+          "https://www.canada.ca/en/global-affairs/news/2021/07/statement-on-chinas-cyber-campaigns.html",
+          "https://www.ncsc.gov.uk/news/uk-allies-hold-chinese-state-responsible-for-pervasive-pattern-of-hacking",
+          "https://www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking",
+          "https://www.rnz.co.nz/news/political/447239/government-points-finger-at-china-over-cyber-attacks",
+          "https://www.foreignminister.gov.au/minister/marise-payne/media-release/australia-joins-international-partners-attribution-malicious-cyber-activity-china",
+          "https://www.mofa.go.jp/press/danwa/press6e_000312.html",
+          "https://www.consilium.europa.eu/en/press/press-releases/2021/07/19/declaration-by-the-high-representative-on-behalf-of-the-eu-urging-china-to-take-action-against-malicious-cyber-activities-undertaken-from-its-territory"
         ],
         "synonyms": [
           "TEMP.Periscope",
@@ -7205,7 +7217,18 @@
           "https://www.secureworks.com/research/bronze-vinewood-targets-supply-chains",
           "https://www.secureworks.com/research/threat-profiles/bronze-vinewood",
           "https://www.crowdstrike.com/resources/reports/2019-crowdstrike-global-threat-report",
-          "https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf"
+          "https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf",
+          "https://research.checkpoint.com/2021/the-story-of-jian",
+          "https://supo.fi/-/suojelupoliisi-tunnisti-eduskuntaan-kohdistuneen-kybervakoiluoperaation-apt31-ksi",
+          "https://poliisi.fi/-/eduskunnan-tietojarjestelmiin-kohdistuneen-tietomurron-tutkinnassa-selvitetaan-yhteytta-apt31-toimijaan",
+          "https://pst.no/alle-artikler/pressemeldinger/etterforskningen-av-datanettverksoperasjonen-mot-fylkesmannsembetene-er-avsluttet",
+          "https://www.nrk.no/norge/pst_-har-etterretning-om-at-kinesisk-gruppe-stod-bak-dataangrep-mot-statsforvaltere-1.15540601",
+          "https://www.ncsc.gov.uk/news/uk-allies-hold-chinese-state-responsible-for-pervasive-pattern-of-hacking",
+          "https://www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking",
+          "https://www.foreignminister.gov.au/minister/marise-payne/media-release/australia-joins-international-partners-attribution-malicious-cyber-activity-china",
+          "https://www.consilium.europa.eu/en/press/press-releases/2021/07/19/declaration-by-the-high-representative-on-behalf-of-the-eu-urging-china-to-take-action-against-malicious-cyber-activities-undertaken-from-its-territory/",
+          "https://www.cert.ssi.gouv.fr/ioc/CERTFR-2021-IOC-003",
+          "https://twitter.com/bkMSFT/status/1417823714922610689"
         ],
         "synonyms": [
           "APT 31",
@@ -8383,7 +8406,10 @@
           "https://github.com/microsoft/Microsoft-365-Defender-Hunting-Queries/blob/master/Execution/exchange-iis-worker-dropping-webshell.md",
           "https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server",
           "https://www.nextron-systems.com/2021/03/06/scan-for-hafnium-exploitation-evidence-with-thor-lite",
-          "https://www.thedailybeast.com/how-chinas-devastating-microsoft-hack-puts-us-all-at-risk"
+          "https://www.thedailybeast.com/how-chinas-devastating-microsoft-hack-puts-us-all-at-risk",
+          "https://www.rnz.co.nz/news/political/447239/government-points-finger-at-china-over-cyber-attacks",
+          "https://www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking",
+          "https://www.foreignminister.gov.au/minister/marise-payne/media-release/australia-joins-international-partners-attribution-malicious-cyber-activity-china"
         ]
       },
       "uuid": "4f05d6c1-3fc1-4567-91cd-dd4637cc38b5",