They also paid me something around 100 dollars in settlement for this

They don't care about security at all.

They once shipped a backdoor in their macOS app. It was noticed and called out and they refused to remove it. It took Apple blacklisting it for Zoom to finally take action.

I believe they now have a proper e2ee mode which disables all the cloud powered features, no?

They aquihired (and gutted) keybase for this, but I have a doubt that their "reimplementation" is actually E2EE.