diff --git a/README.md b/README.md
index 9c67884..d9c79e3 100644
--- a/README.md
+++ b/README.md
@@ -27,3 +27,8 @@ This repository documents an active post-exploitation infrastructure leveraging
 
 Observed behaviors partially align with commercial surveillance platforms, red team toolkits, and known APT techniques targeting iOS/macOS environments. No definitive attribution is made at this time.
 
+---
+
+## Why This Matters
+
+Impersonating Apple system services and running stealthy TLS C2 lets attackers persist, blend into normal traffic, and bypass device and enterprise defenses — all while appearing legitimate. That turns compromised iPhones into undetectable espionage platforms capable of data exfiltration, remote control, and long-term surveillance without triggering usual security checks.
\ No newline at end of file