diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 97fe3eb..4732a47 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -5751,7 +5751,15 @@
           "https://www.secureworks.com/research/threat-profiles/bronze-mohawk",
           "https://www.mycert.org.my/portal/advisory?id=MA-774.022020",
           "https://www.elastic.co/blog/advanced-techniques-used-in-malaysian-focused-apt-campaign",
-          "https://www.microsoft.com/security/blog/2020/09/24/gadolinium-detecting-empires-cloud/"
+          "https://www.microsoft.com/security/blog/2020/09/24/gadolinium-detecting-empires-cloud/",
+          "https://www.justice.gov/opa/pr/four-chinese-nationals-working-ministry-state-security-charged-global-computer-intrusion",
+          "https://www.justice.gov/opa/press-release/file/1412916/download",
+          "https://www.justice.gov/opa/press-release/file/1412921/download",
+          "https://us-cert.cisa.gov/ncas/alerts/aa21-200a",
+          "https://us-cert.cisa.gov/ncas/alerts/aa21-200b",
+          "https://www.ncsc.gov.uk/news/uk-allies-hold-chinese-state-responsible-for-pervasive-pattern-of-hacking",
+          "https://www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking",
+          "https://www.consilium.europa.eu/en/press/press-releases/2021/07/19/declaration-by-the-high-representative-on-behalf-of-the-eu-urging-china-to-take-action-against-malicious-cyber-activities-undertaken-from-its-territory"
         ],
         "synonyms": [
           "TEMP.Periscope",
@@ -7205,7 +7213,15 @@
           "https://www.secureworks.com/research/bronze-vinewood-targets-supply-chains",
           "https://www.secureworks.com/research/threat-profiles/bronze-vinewood",
           "https://www.crowdstrike.com/resources/reports/2019-crowdstrike-global-threat-report",
-          "https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf"
+          "https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf",
+          "https://research.checkpoint.com/2021/the-story-of-jian",
+          "https://supo.fi/-/suojelupoliisi-tunnisti-eduskuntaan-kohdistuneen-kybervakoiluoperaation-apt31-ksi",
+          "https://poliisi.fi/-/eduskunnan-tietojarjestelmiin-kohdistuneen-tietomurron-tutkinnassa-selvitetaan-yhteytta-apt31-toimijaan",
+          "https://pst.no/alle-artikler/pressemeldinger/etterforskningen-av-datanettverksoperasjonen-mot-fylkesmannsembetene-er-avsluttet",
+          "https://www.nrk.no/norge/pst_-har-etterretning-om-at-kinesisk-gruppe-stod-bak-dataangrep-mot-statsforvaltere-1.15540601",
+          "https://www.ncsc.gov.uk/news/uk-allies-hold-chinese-state-responsible-for-pervasive-pattern-of-hacking",
+          "https://www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking",
+          "https://www.consilium.europa.eu/en/press/press-releases/2021/07/19/declaration-by-the-high-representative-on-behalf-of-the-eu-urging-china-to-take-action-against-malicious-cyber-activities-undertaken-from-its-territory/"
         ],
         "synonyms": [
           "APT 31",