🌙 Tekin Night May 26: Bungie's Transparency Crisis & Ferrari Luce EV

🎮 Bungie's Transparency Crisis: The Destiny 2 Debacle

In what may be one of the most damaging internal communications failures in gaming history, new reports reveal that the "vast majority" of Bungie staff remained completely unaware of the decision to end active development on Destiny 2 until the announcement went public last week. This bombshell, reported by Forbes' Paul Tassi and corroborated by IGN, paints a troubling picture of crisis management at one of the industry's most storied studios.

According to Tassi's sources, the decision to sunset Destiny 2 was made "earlier this year" - likely in Q1 2026 - but was kept under wraps from all but a select few teams. Those in the know included developers already working on the final June 9 content update and others who had been transitioned to Marathon, Bungie's extraction shooter that launched in March 2026. Meanwhile, the rest of the studio continued working on future content, including the now-canceled "Shattered Cycle" expansion, completely oblivious to the fact that their work would never see the light of day.

Perhaps most damning is the revelation that some of the few employees who were aware of the decision reportedly "begged" leadership to inform more of the studio, but these pleas fell on deaf ears. This wasn't just a communication failure - it was an active choice to keep the majority of the workforce in the dark while they poured their energy into doomed projects. The human cost of this decision is staggering: wasted months of work, shattered morale, and a profound breach of trust between leadership and staff.

In a post-announcement town hall, employees pressed leadership about impending layoffs but received what sources described as insufficient responses. Bloomberg's subsequent reporting confirmed that Bungie is "planning a significant number of layoffs" and has no immediate plans to begin work on Destiny 3. The studio that once defined console shooters with Halo and revolutionized live-service gaming with Destiny now finds itself in an existential crisis, hemorrhaging talent and goodwill.

🤖 The AI Bug Hunting Arms Race: Cybersecurity's New Battlefield

The cybersecurity landscape is experiencing an unprecedented revolution: artificial intelligence has become not just a defensive tool, but an offensive weapon. A groundbreaking report from Wired reveals that agentic AI models can now autonomously identify software vulnerabilities and develop exploits for them - and this is just the beginning of a fundamental shift in how security research, bug bounties, and cyber warfare operate.

Independent security researcher Joseph Thacker puts it bluntly: "I've probably submitted three times more bugs than I did last year at this time. I would suspect that a company like Google is going to spend two to 10 times as much on bug payouts as they did last year." This dramatic increase signals a fundamental change in bug bounty economics - a change that creates new opportunities for both ethical researchers and malicious actors. The flood of AI-discovered vulnerabilities is forcing organizations to rethink everything from disclosure timelines to patch deployment strategies.

But this is only one side of the story. On the other side, ethical security researchers are also leveraging AI to find bugs - and this has led to a deluge of reports, some high-quality and others dismissed as "AI slop." Linus Torvalds, creator of Linux, wrote in April 2026 that the Linux security mailing list has become "almost entirely unmanageable" due to high volume and duplicate AI-generated reports. The command-line tool Curl even ended its bug bounty program in January after being overwhelmed by low-quality AI submissions, though founder Daniel Stenberg later noted in April that quality had improved significantly.

The interesting twist is that after an initial period of low-quality submissions, the situation is improving. Daniel Stenberg wrote in April 2026: "Over the last few months, we have stopped getting AI slop security reports in the curl project. Instead we get an ever-increasing amount of really good security reports, almost all done with the help of AI. They're submitted in a never-before seen frequency and put us under serious load." This suggests that researchers are learning to use AI effectively, filtering out false positives and focusing on genuine vulnerabilities.

Google has responded by overhauling its Vulnerability Reward Programs for Chrome and Android, lowering payouts for some bug classes while increasing others. As the company stated: "As the security research landscape evolves with AI, we're making changes in our programs to ensure we're rewarding the most challenging and impactful vulnerabilities in our products." This recalibration reflects the new economics of bug hunting: when AI can find low-hanging fruit at scale, the value shifts to truly novel and complex vulnerabilities that still require human ingenuity.

🏊 Enhanced Games: Breaking Records with Banned Substances

In one of the most controversial sporting events of the year, Kristian Gkolomeev, a 32-year-old Greek-Bulgarian swimmer, broke the "unofficial" world record for the 50-meter freestyle with a time of 20.81 seconds at the inaugural Enhanced Games in Las Vegas, earning a $1 million prize. But this record will never be recognized as official - because the Enhanced Games explicitly allows athletes to use performance-enhancing drugs banned by the World Anti-Doping Agency (WADA).

Gkolomeev's time was 0.07 seconds faster than the official world record set by Australia's Cameron McEvoy at the China Open in March 2026. However, the record is inadmissible for multiple reasons: use of WADA-banned substances, wearing a prohibited skinsuit, and competing in a non-standard environment (a casino parking lot in Las Vegas). The Enhanced Games, which bills itself as a "science-forward" alternative to traditional sports, argues that it's democratizing performance enhancement and conducting research into human limits. Critics counter that it's simply a dangerous spectacle that glorifies doping.

The most troubling aspect of the Enhanced Games is the lack of transparency. According to Wired's report, "Dozens of juiced athletes competed at the Enhanced Games in Las Vegas. Most won't admit what drugs they used." This opacity undermines the event's stated mission of advancing scientific understanding of human performance. If athletes won't disclose their protocols, how can meaningful research be conducted? The Enhanced Games organizers promised transparency and medical oversight, but the reality appears to be a commercial spectacle with minimal accountability.

Gkolomeev, who has competed in four Olympics but never medaled, represents the target demographic for the Enhanced Games: talented athletes who haven't achieved Olympic glory and are willing to take risks for financial reward and recognition. His previous best time was 20.89 seconds, meaning he improved by 0.08 seconds - a massive leap in a sport where hundredths of a second matter. Whether this improvement came from training, technology, drugs, or some combination remains unclear, as Gkolomeev has not publicly disclosed his enhancement protocol.

⛪ Pope Leo's AI Encyclical: A Warning to Tech Giants

In an unprecedented move, Pope Leo XIV released his first encyclical, titled "Magnifica Humanitas," which directly addresses the power of tech giants and the dangers of artificial intelligence. This 150-page document, published on May 25, 2026, is a serious warning to the world: AI must be "disarmed" and placed in service of humanity, not in service of domination, monopoly, and war.

Pope Leo warns in this encyclical that artificial intelligence risks making civilization "less human," hollowing out work, concentrating wealth, and reducing people to systems driven by data and efficiency rather than dignity and morality. He specifically points to "opaque algorithms" controlled by a handful of powerful private companies that can bring "new forms of dehumanization." The encyclical represents the Catholic Church's most comprehensive engagement with technology since the digital revolution began.

But as TechCrunch astutely notes, this encyclical isn't really about AI - it uses AI as a lens to diagnose older problems: concentrated power, eroding democracy, and a tech elite that shapes the world to its own advantage. Pope Leo is essentially using AI as a symbol to critique existing power structures. The timing is significant: as governments worldwide grapple with AI regulation, the moral voice of 1.4 billion Catholics adds weight to calls for accountability and ethical guardrails.

The encyclical draws parallels to Pope Leo XIII's 1891 encyclical "Rerum Novarum," which addressed the Industrial Revolution's impact on workers and society. Just as that document shaped Catholic social teaching for generations, Magnifica Humanitas aims to provide moral guidance for the AI age. Pope Leo XIV writes: "Like the earlier 'Leo', I feel entrusted to look upon another huge transformation with eyes of faith, with lucidity of reason, with openness to mystery, and with cries of the poor and the earth resounding in my heart."

The encyclical calls for "robust regulation" of AI and appeals to developers to implement "shared standards of social justice" to ensure AI respects human dignity and serves the common good. It warns against technologies that foster domination, exclusion, and war, and calls for a "courageous mentality of shared responsibility and communion." The document represents a direct challenge to the libertarian ethos that has dominated Silicon Valley, arguing that technology cannot be value-neutral and must be actively directed toward human flourishing.

🏎️ Ferrari Luce: The First EV Designed by Jony Ive

After months of teasers and anticipation, Ferrari has finally unveiled its first all-electric vehicle, named Luce (Italian for "light"). But this car is significant not just for its electric powertrain, but for its collaboration with Jony Ive and Marc Newson at their design studio LoveFrom. This marks the first time Ferrari has allowed an external design studio to "define the design direction of the project from the outset," inside and out.

The Luce is a four-door, five-seat vehicle - Ferrari's first five-seater in history. With four electric motors (one per wheel) and a combined output of over 1,035 horsepower in Boost mode, this car can accelerate from 0 to 100 km/h (0-62 mph) in just 2.5 seconds and reach a top speed of 310 km/h (192 mph). Its 122 kWh battery provides a range of over 530 kilometers (330 miles). At a starting price of €550,000 ($640,000+), it's the most expensive Ferrari ever produced.

One fascinating aspect of the Luce is its sound design. Unlike many EVs that use entirely synthesized sounds, the Luce employs a physical accelerometer that amplifies mechanical vibrations from the rear motors and transmits them into the cabin. This approach gives the car a more "alive" feel, closer to the traditional Ferrari experience. As Tim Stevens from Engadget noted after a preview, the sound system "picks up and amplifies vibrations from the rear motors instead of being fully synthesized like many EVs."

Stevens describes the Luce as feeling "more like an SUV than a traditional sports car" in its size and shape, though Ferrari insists it's a new category entirely. The car features what Ferrari calls "radical glasshouse architecture" - a design language that emphasizes transparency and lightness, hallmarks of Ive's minimalist aesthetic. The interior, which was previewed earlier this year, features aerospace-inspired materials and a control layout that eschews the button-heavy approach of many modern cars in favor of a more streamlined interface.

Ferrari says the Luce gives drivers "control of each wheel's motion in every direction," thanks to the independent motor setup. This torque vectoring capability allows for unprecedented handling dynamics, potentially making the Luce one of the most agile large vehicles ever produced. Full power is available in less than a second, and the car can dynamically adjust power distribution to each wheel thousands of times per second based on driving conditions.

🔒 Lazarus Group's RemotePE: Memory-Only Malware Targets Crypto

In tonight's final story, cybersecurity researchers from Fox-IT (an NCC Group subsidiary) have revealed details about a sophisticated malware called RemotePE, used by the North Korea-linked Lazarus Group to target financial and cryptocurrency organizations. This malware executes entirely in memory (RAM) and leaves no trace on disk, making it nearly undetectable by traditional security tools.

RemotePE is part of a multi-stage attack chain involving two loaders named DPAPILoader and RemotePELoader. DPAPILoader uses the Windows Data Protection API (DPAPI) to decrypt and load an encrypted payload from disk. RemotePELoader then contacts a command-and-control (C2) server and waits to receive the next stage: RemotePE, a Remote Access Trojan (RAT) that executes entirely in memory and is never written to disk, leaving no filesystem artifacts.

The attack typically begins with social engineering. In one documented case, Lazarus operatives approached a victim on Telegram posing as an existing employee of a trading company, scheduling a meeting using fake Calendly and Picktime domains. Once the victim's device was compromised, the three-stage RemotePE infection sequence began. The earliest DPAPILoader artifact dates back to November 2023, suggesting this toolset has been in development for over two years.

RemotePE employs advanced evasion techniques including Hell's Gate (for direct system calls) and patching Event Tracing for Windows (ETW) to avoid detection. The RAT supports six command categories: C2 configuration management, file operations, process management, DLL loading/unloading, execution control, and server communication. Fox-IT obtained four RemotePE samples indicating active development between mid-2023 and mid-2024, with the first version compiled on July 4, 2023.

A notable feature is the file deletion command, which overwrites each file seven times with constant bytes before renaming and deleting it - a pattern also observed in PondRAT and POOLRAT (also known as SIMPLESEA). This suggests RemotePE is part of a larger Lazarus toolkit. The researchers note: "The toolset's environmental keying, memory-only execution, EDR evasion, and low forensic footprint suggest it is purpose-built for long-term observation campaigns."

According to TRM Labs, in just the first four months of 2026, Lazarus Group stole approximately $577 million in cryptocurrency assets through only two major incidents, accounting for 76% of total global crypto theft in 2026. Since 2017, the group has accumulated a total of $6 billion in stolen funds. This makes Lazarus one of the most prolific and dangerous cyber threat actors in the world, with direct ties to the North Korean regime's funding mechanisms.

The "actor-in-the-loop delivery model" - where human operators manually deploy the final payload after initial compromise - combined with the toolset's low detection rate (neither RemotePELoader nor RemotePE appeared on VirusTotal prior to Fox-IT's publication) suggests this toolset is reserved for high-value targets where long-term, stealthy access is the objective. This is consistent with Lazarus's known focus on financial and cryptocurrency organizations that can yield massive payouts.