Anything over 3.60 remains unable to be decrypted.
Unless its a TB patch, which can now also be decrypted for 3.55 thanks to duplex.
E.g. Max Payne 3
No, the "TB" are not decrypted. They are debug Eboots + DRM.
The recent "TB crack" is only the DRM check which is bypassed.
The eboots are still the one provided by TB team (debug eboots, which are unsigned and run on any cfw able to run unsigned eboots). Duplex didn't provide new eboots that the TB team didn't.
If the release teams (Duplex) don't know how to get or create debug eboots, they are still dependent on the TB team. And I suspect that TB team will stop providing such eboots at all if their DRM is bypassed, unless they make a new DRM.
Well, debug are also decrypted? maybe SifJar can explain it better? I didn't follow the TB hack very closed.