diff --git a/2019/2019.04.23.Operation_ShadowHammer/Operation ShadowHammer.pdf b/2019/2019.04.23.Operation_ShadowHammer/Operation ShadowHammer.pdf
new file mode 100644
index 0000000..390cf7e
Binary files /dev/null and b/2019/2019.04.23.Operation_ShadowHammer/Operation ShadowHammer.pdf differ
diff --git a/README.md b/README.md
index b5ed1bd..519625f 100644
--- a/README.md
+++ b/README.md
@@ -25,6 +25,7 @@ Please fire issue to me if any lost APT/Malware events/campaigns.
 * [APT_REPORT collected by @blackorbird](https://github.com/blackorbird/APT_REPORT)
 
 ## 2019
+* Apr 23 - [[Kaspersky] Operation ShadowHammer: a high-profile supply chain attack](https://securelist.com/operation-shadowhammer-a-high-profile-supply-chain-attack/90380/) | [Local](../../blob/master/2019/2019.04.23.Operation_ShadowHammer)
 * Apr 22 - [[CheckPoint] FINTEAM: Trojanized TeamViewer Against Government Targets](https://research.checkpoint.com/finteam-trojanized-teamviewer-against-government-targets/) | [Local](../../blob/master/2019/2019.04.22.FINTEAM)
 * Apr 19 - [[MalwareBytes] “Funky malware format” found in Ocean Lotus sample](https://blog.malwarebytes.com/threat-analysis/2019/04/funky-malware-format-found-in-ocean-lotus-sample/) | [Local](../../blob/master/2019/2019.04.19.Funky_malware_format)
 * Apr 17 - [[Palo Alto Networks] Aggah Campaign: Bit.ly, BlogSpot, and Pastebin Used for C2 in Large Scale Campaign](https://unit42.paloaltonetworks.com/aggah-campaign-bit-ly-blogspot-and-pastebin-used-for-c2-in-large-scale-campaign/) | [Local](../../blob/master/2019/2019.04.17.Aggah_Campaign)