Yes, it would be bad if hackers and cheaters were more organized and shared information only in the dark web. Luckily they go about it in the open, and thus make it easier for FDev to identify the problem and find better solutions for it.And that's why, when dealing with companies that prioritise PR over product quality, you make sure to go public about any vulnerabilities that you discover if they refuse to fix them. If they won't admit any issues, then you admit the issues for them. They are then forced with either denying any problem (and the associated escalation of exploiting of said problem) or they simply admit there's a problem and get it resolved.
The worst punch is the one that you cannot see.