from the none-of-this-makes-sense dept

Full disclosure: this post is going to pose way more questions than answers. That’s because the story of the Tomb Raider remake being produced by Crystal Dynamics and its inclusion of an AI disclosure on Steam makes no sense to me.

So, let’s start at the beginning. Crystal Dynamics is making an updated version of the first Tomb Raider game and it looks pretty great from what I’ve seen. But, as gamers are now accustomed to doing, the public came to notice that the game’s Steam page included one of Steam’s mandatory AI disclosure notices. It reads thusly:

AI-assisted tools were used during development to support some early exploration and temporary development content. Any AI-assisted assets were either replaced or refined by humans in order to maintain the creative and artistic vision of the development team.

And from there, because, of course, everyone freaked out. Comments from all the corners of the internet began flooding in, swearing off ever touching this game because it was developed using AI. What AI? We don’t know. How much was it utilized? No real content there, either. But is the game going to be good? It doesn’t fucking matter, because AI was used and that’s all you need to know in order to know that this game is going to be artless pap fit only to be mocked and laughed at.

Even some gaming journalists have gotten into the habit. This is from Kotaku:

GenAI slop potentially showing up in Tomb Raider is disappointing but maybe less surprising than it should be. Phil Rogers, CEO of Crystal Dynamics’ parent company, Embracer Group, last year called genAI a “powerful technology” for “driving efficiency.” Crystal Dynamics has also undergone several rounds of layoffs, completing three just last year and one earlier in 2026.

Here you have a writer who has already reached their conclusion while having almost zero information on which to base that conclusion. They haven’t played the game. They’ve barely seen the content in the game, save for some trailers. They don’t know thing one about how AI was used, where, and in what way. But it’s probably going to be “GenAI slop”. As if there is simply no other possible outcome.

But it gets at least slightly stranger with Crystal Dynamics having responded to some of those concerns over at Eurogamer.

“At Crystal Dynamics, we leverage AI tools to help our teams iterate on ideas faster and more efficiently, while ensuring that all finished content in the final product is human-crafted. Our goal is to empower the creativity and flexibility of our developers to deliver the highest-quality experiences for players everywhere.”

This is where I get confused. If all of the content that is going to make it into the final product is “human-crafted,” then they shouldn’t even have needed to add the disclosure to their Steam page. Back in January, Steam updated its rules around its AI disclosure such that a game with an AI disclosure must have AI-generated content that is either in public marketing materials for the game or in the final product and with which the player of the game interacts in order to require the disclosure.

In its submission form, Valve now specifies that game publishers must disclose pre-made generative AI assets only when used in marketing materials or content that “ships with your game, and is consumed by players.”

In other words, Steam’s disclosure requirement is not concerned with generative AI tools used behind the scenes for efficiency gains (presumably including coding helpers) or office work, but with things like final art, sound, and writing.

Advertisement

Now, I’ll just note that there is a subtle difference in the disclosure notice and Crystal Dynamics’ statement. The former indicates that the game may include AI-generated assets that were then iterated upon by a human developer. The latter seems to say the opposite, where everything in the final game will be “human-crafted”. So… which is it?

As I said from the start, more questions than answers is all I have at the moment. But if the gaming public is going to freak out at the mere mention of some AI being used in some way, somewhere within every new video game that comes out, then this is going to be a very annoying time in which to be a gamer.

Filed Under: ai, tomb raider, video games

Companies: crystal dynamics

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware named Plenet and AgentPSD.

An investigation into the incident revealed that the threat actor had gained access to the victim network at least 18 months before detection, and had also compromised the victim organization’s managed services provider (MSP).

UNC5221 is also tracked as VerdantBamboo and has been involved in attacks that exploited zero-day vulnerabilities in edge devices since at least 2023.

The threat actor used the Brickstorm backdoor undetected in the environments of various targets in the United States for more than a year until the breaches were discovered around March 2025.

Researchers describe Brickstorm as “an advanced malware implant.” Initial variants were written in Golang, then new variants emerged, written in Rust.

In April 2024, Google documented UNC5221 activity using the backdoor, and then again in September 2025, describing attacks against legal services, software-as-a-service providers, business process outsourcers, and technology companies.

CISA warned about Brickstorm being deployed by Chinese hackers against VMware vSphere servers, and, more recently, Google reported that it was deployed by UNC6201 against Dell RecoverPoint for Virtual Machines.

Victim hacked twice

Volexity researchers responding to an incident last year found that VerdantBamboo compromised an Egnyte Storage Sync system and accessed it periodically through the victim’s web SSL VPN.

From this foothold and using Brickstorm proxying features and stolen credentials, the threat actor accessed the organization’s Microsoft 365 enevironment.

“Volexity assesses with high confidence that this was done to blend in with legitimate network traffic and evade Conditional Access policies that would have otherwise prevented access,” the researchers said.

Later, Volexity discovered that the hackers had spent at least 18 months on the network before being detected. Furthermore, VerdantBamboo breached the organization again after the researchers completed the remediation efforts.

In the second intrusion, the attackers used stolen credentials to enable and configure SSL VPN access on the victim’s firewall, then connected to internal systems and deployed additional custom malware to a Synology NAS device.

This triggered an investigation at the customer’s MSP, where Volexity found that VerdantBamboo had planted a BSD variant of Brickstorm on a pfSense firewall.

“Volexity concluded that this firewall, like the victim organization’s Storage Sync system, had also been compromised at least 18 months earlier.”

The researchers have medium confidence that the attacker pivoted from the MSP into the victim organization’s environment.

Brickstorm was then deployed to the victim’s Egnyte Storage Sync appliance and to a retired Linux GroupWise email archive server.

New backdoors used

Once the attackers returned a few days later and re-established access to the victim’s infrastructure, they deployed the custom malware Plenet to a Synology NAS appliance.

Plenet, also tracked as “Grimbolt” by Google, is a cross-platform .NET-based backdoor that offers interactive shell access, remote command execution, file manipulation, and command-and-control (C2) server switching.

The researchers note that Plenet is similar in design to Brockstorm, using the WebSocket protocol for C2 communications and a multiplexing library for simultaneous data streams to the server.

AgentPSD is a simple Python-based reverse shell utility that Volexity believes VerdantBamboo used as a fallback persistence mechanism if other malware was no longer accessible.

The researchers discovered that AgentPSD was configured to connect to a different domain than the one Brickstorm used. However, the malware was never used as Brickstorm was still running, which supports the assessment that AgentPSD was a secondary access mechanism.

During the investigation, Volexity tried to discover the infrastructure related to VerdantBamboo. The researchers created a fingerprint to identify IP addresses and domains Brickstorm used for C2 communication.

Although multiple machines were identified, the threat actor took the infrastructure offline before the researchers could reveal other systems.

“Between September 18 and September 23, all of the servers previously matching this pattern turned off their services on port 443.”

Around that time, Google also published a new report on Brickstorm’s activity, which may suggest that the attacker was aware of their operations being under investigation.

Volexity’s describes VerdantBamboo/UNC5221 as “a highly sophisticated threat actor” that mixes living-off-the-land techniques and malware and targets systems that do not support endpoint detection and response (EDR) solutions.

The researchers compiled a list of indicators of compromise (IOCs) linked to the investigated UNC5221 campaign and published them here.

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Duck Detective studio Happy Broccoli is back with a creepy-cute mystery.

For someone who helped ship ChatGPT, DALL-E, and Codex, Mira Murati has been remarkably quiet. On Thursday, she broke the silence. Sitting down with Bloomberg’s Emily Chang in San Francisco, the CEO of Thinking Machines Lab gave her first major media appearance in roughly 18 months, a carefully managed re-entry into a conversation that has moved at breakneck speed without her.

The timing was not accidental. Thinking Machines has spent that year and a half raising $2 billion, securing a gigawatt of Nvidia Vera Rubin compute, shipping one product, and losing a troubling number of the researchers it hired to build the next one. The AI landscape Murati left behind when she departed OpenAI in September 2024 looks nothing like the one she re-entered on Thursday.

The product: interaction models

Murati used the appearance to preview what Thinking Machines is calling “interaction models,” a fundamentally different kind of AI interface. Rather than the prompt-and-response format that defines most AI products, the company’s models are designed to process continuous streams of audio, text, and video in 200-millisecond intervals.

The pitch is that these models can pick up on the texture of human communication: interruptions, mid-thought corrections, pauses. The technical term is “full duplex,” and the company claims its TML-Interaction-Small model responds in 0.40 seconds, roughly the speed of natural conversation. It fits Thinking Machines’ founding thesis that powerful AI requires closer human collaboration, not less of it.

Murati was careful to frame this as a first step. She declined to put a release date on anything, and she positioned the work alongside Tinker, the company’s API for fine-tuning open-source models, which launched in October 2025 and remains its only shipping product.

The departures

Chang pressed Murati on what has quietly become the company’s most visible problem: a string of high-profile departures. Co-founder and CTO Barret Zoph, co-founder Luke Metz, and founding team member Sam Schoenholz all returned to OpenAI in January. Five founding members have gone to Meta, reportedly lured by compensation packages that reach into nine figures.

Murati downplayed the exits. Building a frontier AI lab from scratch compresses years of normal organisational volatility into months, she said. She acknowledged that the nine-figure packages now standard in the AI talent war capture imaginations, but suggested compensation is rarely the whole story.

“When I wake up in the morning, I am not thinking about how to kill the competitor,” she said, drawing laughter from the audience. The line was disarming, but the competitive reality is stark. OpenAI is everywhere. Anthropic has raised $30 billion and reportedly attracted investor offers at an $800 billion valuation. Elon Musk’s xAI has been folded into SpaceX ahead of a record IPO. In that environment, staying quiet has costs.

The Altman firing, revisited

Chang asked about the episode that first made Murati a public figure: the chaotic five days in November 2023 when OpenAI’s board fired Sam Altman and Murati became interim CEO. Inside OpenAI, the incident came to be called “the blip.”

Murati said she felt clear about her decisions in each moment, that protecting the mission and the team was the thread that made the choices feel obvious even as the situation looked like it was falling apart from outside. She said the company would have “imploded” without her involvement through that stretch. But she acknowledged that clarity of intent is not the same as clarity about consequences, and said she would have pushed harder for more information, a better transition plan, and more transparency.

Asked whether she still trusts Altman, she sidestepped. What she offered instead was more interesting: a broader argument about the concentration of consequential decisions in too few hands, not just at OpenAI but across the industry. Her concern, she said, is less about the character of any individual leader and more about the absence of structural checks. Good people make bad calls. Well-intentioned organisations drift.

The harder question

On the future of AI broadly, Murati pushed back on both the dystopian and utopian framings. Neither outcome is predetermined, she argued. The period we are in right now is the one that will determine which way things go.

But she returned, more than once, to a theme that connects her governance critique to her product philosophy: if humans take their hands off the wheel too soon, the future will look very different, and not better. It is a position that sits comfortably with her company’s thesis about human-AI collaboration. Whether it can survive contact with a market that rewards speed, scale, and tens of billions in capital over caution is the question Murati did not answer on Thursday.

She does not need to answer it yet. But with one product shipping, a team that keeps shrinking at the top, and competitors that grow louder by the week, the window for quiet conviction is closing.

There are dozens of LED hair-growth gadgets on the market, ranging from a $50 product on AliExpress that’s been shopped onto a model to comically bad effect to the $2,500 Capillus Spectrum, which boasts an aggressive array of laser diodes. Contrary to what I would have suspected, women are actually the current dominant consumer group for LED hair-regrowth therapy. As it was explained to me, women are accustomed to spending money on their appearance, and thinning hair is often experienced as a crisis. Men, on the other hand, tend to take the path I did and buzz it all off, then go about their day.

Photograph: Martin Cizmar

I agreed to test the FDA-cleared GroWell, which sits in the middle of the price range at $550. It contains a total of 63 diodes, including 24 lasers and 39 LEDs. Beyond its attractive price point, comfortably between sketchy drop shippers and well-marketed products that cost nearly as much as the top-end MacBook Pro, the GroWell stands out for offering treatment at a level supported by clinical research without an overkill approach that can be counterproductive.

Also, unlike the helmet-style caps on the market, it’s an insert attached to a control unit with a small 1,800 mAh Li-ion battery, which GroWell says should be good for several years of regular use. Because it’s in three small pieces (a control pack that’s the size of an old Motorola Razr, a USB-C cord, and a flat pad that’s only as thick as a piece of cardboard), it’s easy to fold up and pack on a trip. That’s clutch, as you don’t want to miss treatments when traveling. (Note that if you stop using the device, your follicles will return to their previous state.)

Growing Pains?

It couldn’t be easier to use: Tuck the light pad inside the provided cap or one of your own, connect it via USB-C to the control module, and press the button. It will light up for the next 25 minutes while you go about your business. Because it goes in your own hat, the fit may not be perfect, and I did find myself adjusting it a bunch, which probably wouldn’t happen with some of the helmet-style devices.

In a 2013 study, the levels and duration provided by GroWell with every other day of use over 16 weeks helped everyone who participated in the study regrow some hair, on average 35 percent more for men and 37 percent for women. The same study showed that using more powerful lasers for longer may actually stunt growth a bit. I’m only estimating here, but I would guess I have at least 30 percent more hair than I would have without the treatment, and maybe more.

Six weeks ago, AirTrunk did not operate in India. Now it wants to spend $30 billion there.

The Blackstone-backed hyperscale data centre operator announced on Thursday that it plans to invest more than INR 3,000 billion ($30 billion) in India by 2030, building over 5 gigawatts of digital infrastructure capacity across multiple states and union territories. The figure represents planned spending, not committed capital, and the four-year timeline leaves considerable room for adjustment. Still, if executed, the programme would rank among the largest digital infrastructure commitments in the country’s history.

Prime Minister Narendra Modi publicly welcomed the commitment, saying it would strengthen India’s position as a global hub for cloud computing and AI. The endorsement followed meetings between AirTrunk founder and CEO Robin Khuda and federal and state government officials in Maharashtra and Andhra Pradesh.

From zero to $30 billion in six weeks

AirTrunk entered India in April through the acquisition of Lumina CloudInfra, which gave it a 600-megawatt development pipeline across Mumbai, Chennai, and Hyderabad. The new $30 billion plan represents a dramatic escalation of that position.

The centrepiece is a 3GW campus at the Raigad Penn Growth Centre on the outskirts of Mumbai, for which AirTrunk has signed a letter of intent for land allotment with the Maharashtra government. According to a single industry report, that project alone carries an estimated price tag of $21 billion, though the figure has not been confirmed by AirTrunk or the Maharashtra government.

“Capital is mobile, and India is creating the conditions for it to thrive,” Khuda said. “India is taking a top-down approach to AI with clear government-led initiatives, a world-class talent pool, and massive availability of renewable energy.”

Why India, why now

India’s data centre market has been accelerating since 2024, but the pace of new commitments in 2026 has been extraordinary. Google has pledged $15 billion for a southern Indian data centre hub. Microsoft has committed $17.5 billion. Amazon is targeting up to $35 billion by 2030. The Adani Group has reportedly outlined a $100 billion programme through 2035, including a 5GW renewable-powered hyperscale platform, though those figures come from industry reports rather than a formal company commitment.

The government has matched the private capital with policy. India’s February budget introduced a 20-year tax holiday through 2047 for foreign technology firms using Indian data centres for global cloud services. The IndiaAI Mission has received approximately £1 billion ($1.2 billion) in funding, and the India Semiconductor Mission has been backed with approximately £7.5 billion ($9 billion).

AI-related colocation leasing more than doubled to 348MW in the past year, now accounting for nearly 20% of total demand. Between March 2025 and April 2026, operators announced roughly 30 large projects adding about 3.5GW of planned capacity across the country. Schneider Electric expects its India data centre business to become its single largest unit within three to five years.

Blackstone’s hyperscale bet

AirTrunk is the vehicle through which Blackstone is making its largest infrastructure play in the Asia-Pacific region. The private equity giant acquired AirTrunk in December 2024 for an implied enterprise value of over A$24 billion ($16 billion), alongside Canada Pension Plan Investment Board, which took a 12% stake. It was the largest data centre transaction in history at the time.

Blackstone has since been expanding AirTrunk’s footprint aggressively. The platform now spans more than 3GW of operating and planned capacity across 20 campuses in six regions: Australia, Singapore, Japan, Malaysia, Hong Kong, and India. Separately, Blackstone is seeking up to $1.75 billion in a NYSE IPO for its Digital Infrastructure Trust, packaging hyperscaler-leased AI data centres as a public REIT.

The India push fits a clear pattern. Blackstone had already committed approximately $11 billion to Indian data centres through Lumina before the AirTrunk acquisition. The new $30 billion figure nearly triples that exposure.

The execution question

The numbers are staggering, but so is the gap between announcements and operational capacity. India’s total live IT capacity exceeded 1.6GW by the end of 2025, the product of years of cumulative buildout. Just 371MW was added in 2025 alone. AirTrunk’s proposed 5GW, combined with the commitments from Google, Microsoft, Amazon, and Adani, would require India to build more capacity in the next four years than it has built in its entire history, several times over.

The discussions between Khuda and government officials reportedly focused on precisely the bottlenecks that could slow that buildout: access to reliable and cost-effective power, renewable energy, sustainable water supply, talent development, streamlined approvals, and coordination between state and federal governments on strategic infrastructure.

India is not the only country chasing hyperscale AI infrastructure investment. Malaysia, Saudi Arabia, and several European nations are offering competing incentive packages. AirTrunk itself recently expanded its Malaysian platform to over 700MW. The $30 billion figure signals intent, but the timeline to 2030 leaves room for the kind of recalibration that large infrastructure programmes routinely undergo.

What is not in question is the direction of travel. Whether the final number is $30 billion or something smaller, India is rapidly becoming one of the world’s primary construction sites for the physical infrastructure that AI requires. The question is whether the country’s grid, water supply, and planning systems can keep pace with the capital flooding in.