diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 503f328..63b2352 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -14813,6 +14813,19 @@
       },
       "uuid": "2f854548-1af0-4f55-acab-4f85ce9f162c",
       "value": "Tomiris"
+    },
+    {
+      "description": "ShaggyPanther is a threat actor that primarily targets government entities in Taiwan and Malaysia. They have been active since 2008 and utilize hidden encrypted payloads in registry keys. Their activities have been detected in various locations, including Indonesia and Syria.",
+      "meta": {
+        "country": "CN",
+        "refs": [
+          "https://securelist.com/ksb-2019-review-of-the-year/95394/",
+          "https://securelist.com/apt-trends-report-q3-2019/94530/",
+          "https://securelist.com/apt-review-of-the-year/89117/"
+        ]
+      },
+      "uuid": "07791d89-64b6-46df-9f67-ccde8c2cbb20",
+      "value": "ShaggyPanther"
     }
   ],
   "version": 299