diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 50bfb16..e07cb1c 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -17050,6 +17050,17 @@
       },
       "uuid": "a86b67d2-fc94-4c1b-91e1-949c969176ed",
       "value": "LulzSec Black"
+    },
+    {
+      "description": "OverFlame is a hacktivist group known for executing DDoS attacks and website defacements, primarily targeting government institutions and corporations in Europe and North America. The group has been involved in coordinated attacks alongside other pro-Russian threat actors, such as NoName057and the People’s Cyber Army, often motivated by anti-government and anti-corporate sentiments. OverFlame operates through underground forums and encrypted messaging platforms to coordinate attacks and recruit members. Their activities have included targeting financial services, political parties, and educational institutions, demonstrating a focus on disrupting critical infrastructure.",
+      "meta": {
+        "refs": [
+          "https://socradar.io/biggest-education-industry-attacks-in-2024/",
+          "https://www.scworld.com/brief/austria-subjected-to-pro-russian-ddos-intrusions"
+        ]
+      },
+      "uuid": "8bd29f1a-ea33-49c2-a783-42cd2a193f83",
+      "value": "OverFlame"
     }
   ],
   "version": 318