>nobody actually cares what is going on with anything outside of themselves.

"not caring" would be not disclosing the vulnerability at all, and instead selling it to the highest bidder on one of the private markets

which, given the ridiculous and undeserved lashings the researchers are receiving from people completely outside of the security ecosystem, i would not be surprised if they moved in that direction. they would certainly make more money.