diff --git a/Threat Reports/April.md b/Threat Reports/April.md
index f47a6db..3843711 100644
--- a/Threat Reports/April.md	
+++ b/Threat Reports/April.md	
@@ -30,3 +30,4 @@
 | 26 APR | CERT-UA | UAC-0056 group cyberattack using GraphSteel and GrimPlant malware and COVID-19 topics, the sending of e-mails was made from the compromised account of an employee of the state body of Ukraine | [cert.gov.ua](https://cert.gov.ua/article/39882) |
 | 26 APR | SSSCIP Ukraine | In Q1 2022, CERT-UA recorded 802 cyberattacks against the Government and Defense sector of Ukraine. Also, the five most attacked industries included the financial sector, telecommunications, and software developers, as well as the logistics and energy sector | [twitter.com/dsszzi](https://twitter.com/dsszzi/status/1518950677602619395?s=20&t=GHyOzg-_BdwzcfTFzwwbng) |
 | 27 APR | Microsoft | STRONTIUM, IRIDIUM, DEV-0586, NOBELIUM, ACTINIUM, BROMINE, KRYPTON (aliases in the report) | [blogs.microsoft.com](https://blogs.microsoft.com/on-the-issues/2022/04/27/hybrid-war-ukraine-russia-cyberattacks/) |
+| 28 APR | CERT-UA | UAC-0101 DDoS attacks using malicious JavaScript code (dubbed BrownFlood) which is placed on compromised websites (mainly running WordPress) | [cert.gov.ua](https://cert.gov.ua/article/39923) |