AI on the dark side has done three things particularly well: speed, scale, and sophistication. As a result, the time between a successful intrusion and the actual theft of data has decreased significantly over the past three years. Whereas three years ago the average period was nine days, it is now one day. The fastest case documented by Palo Alto Networks was even 72 minutes.
Given the right permissions and with the proper plugins, it could create, modify, or delete the user's files and otherwise change things far beyond what most users could achieve with existing models and MCP. Users would use files like USER.MD, MEMORY.MD, SOUL.MD, or HEARTBEAT.MD to give the tool context about its goals and how to work toward them independently, sometimes running for long stretches without direct user input.
Coming out of last year we had an important shift in strategy. We'd realised that going out to Q4 [1 November 2024 - 31 January 2025] our product innovation had accelerated to the point where it was putting a burden on our sales organisation to have to sell all products to all people.