Because it is the business of the investors and staff to know - it is none of your business, nor any other customer. The product is safe to use, and that is all that the customer needs to know. And besides, explaining an exploit can lead to other exploits being discovered and abused. Which once again, is absolutely none of your business as a customer or a consumer. Stop being so indignant.once exploits fixed its no longer an issue but would be very good news if certain exploits the customers are aware off are fixed - so why not tell the customers if its fixed?