I understand the difference. I don't see the distinction. They know an unpatched vulnerability and if they haven't reported it to Apple, they don't own the moral high ground that would justify their smug public-interested belief.
In fact, as someone who lives and breathes in this ecosystem and gives talks on the ethics involved, I kind of want to argue the opposite: that doing a play-by-play breakdown of a recent bug to the point of educating an attacker how to exploit it, you increase everyone's danger and don't particularly increase their safety, while disclosing a bug being hoarded in a "just me and a ton of my close friends over a long period of time" (which is not how the groups who enjoy publishing public jailbreaks play the game) in a high-level way would actually do the opposite.
