I may be in the minority but I'm perfectly fine with Mozilla's approach here.

They link to the full document which lists their VPN subscriber count near the top of the about Mozilla section.

It would sound like an advertisement though, so in some way it’s better they don’t mention it

This is the Mozilla foundation, the VPN seller is Mozilla corporation.

They also advocate for if not enforce HTTPS. Would this be bad if they were also a trusted CA selling signed TLS certs to companies?