diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 088da3b..8be7577 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -14406,6 +14406,20 @@
       },
       "uuid": "03ff54cf-f7d4-4606-a531-2ca6d4fa6a54",
       "value": "Ruby Sleet"
+    },
+    {
+      "description": "Microsoft has tracked Raspberry Typhoon (RADIUM) as the primary threat group targeting nations that ring the South China Sea. Raspberry Typhoon consistently targets government ministries, military entities, and corporate entities connected to critical infrastructure, particularly telecoms. Since January 2023, Raspberry Typhoon has been particularly persistent. When targeting government ministries or infrastructure, Raspberry Typhoon typically conducts intelligence collection and malware execution. In many countries, targets vary from defense and intelligence-related ministries to economic and trade-related ministries",
+      "meta": {
+        "country": "CN",
+        "refs": [
+          "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RW1aFyW"
+        ],
+        "synonyms": [
+          "RADIUM"
+        ]
+      },
+      "uuid": "37f012df-54d8-4b3d-a288-af47240430ea",
+      "value": "Raspberry Typhoon"
     }
   ],
   "version": 298