
Microsoft's Rebuke of Researchers Exposes Deep Fracture in Vulnerability Disclosure Norms
Microsoft's clash with Chaotic Eclipse over zero-day disclosures signals a systemic erosion of trust in CVD processes, driving researchers toward uncoordinated releases and increasing risks to the broader security ecosystem.
Microsoft's public condemnation of researcher Chaotic Eclipse marks more than a single dispute; it reveals an accelerating breakdown in the coordinated vulnerability disclosure (CVD) compact that has governed the ecosystem for two decades. By removing the researcher's reporting account while simultaneously criticizing the lack of prior notification, Microsoft created a self-reinforcing cycle of distrust that independent researchers increasingly cite as justification for bypassing vendors entirely. This pattern echoes earlier flashpoints, including the 2021 ProxyLogon disclosures and the 2023 MOVEit supply-chain fallout, where researchers documented repeated Microsoft delays before going public.

The result is a chilling effect: fewer researchers route findings through formal channels, accelerating the migration of high-value exploits toward underground brokers and state actors. Data from the Zero Day Initiative and Google's Project Zero show a measurable rise in uncoordinated releases since 2024, correlating with vendor pushback against public proof-of-concept code. Microsoft's stance, framed as customer protection, risks concentrating exploit knowledge in fewer hands while eroding the transparency that once allowed rapid collective defense.

The GitHub and GitLab account takedowns further signal platform capture by vendors, narrowing the public square where disclosure norms are contested. Without structural reforms, such as independent arbitration of disclosure timelines and mandatory researcher compensation, the entire ecosystem tilts toward opacity, benefiting sophisticated adversaries who already stockpile rather than report.
SENTINEL: Escalating vendor-researcher friction will push more zero-days into private channels, raising the probability of nation-state pre-positioning before patches exist.
Sources (3)
- [1] Primary Source: https://thehackernews.com/2026/05/microsoft-slams-public-zero-day.html
- [2] Microsoft Security Response Center Guidance: https://msrc.microsoft.com/blog
- [3] Project Zero Disclosure Trends Report: https://googleprojectzero.blogspot.com