This is a relatively common pattern in CTF (and probably, other competitive activities). Being a top-level CTF competitor takes a big time investment, both in terms of maintaining your skills, and actually competing.
It's hard for an individual to maintain that level of commitment over time, especially if their personal responsibilities increase (getting a full-time job, starting a family, etc.). Responsibilities aside, people also just get bored and/or burnt out (after a point, most challenges are just variations on something you've seen before).
For a team to stay competitive over time, they either need enough members to fill the gaps, or a sustainable influx of new members.
In general CTF problems are limited in the sense that they need to be solvable withing the tournament time frame (usually 48h), and also the process is simpler - you don't have to be quiet, you grab the flag and that's it; no need to think beyond that point (i.e. no need to worry about backdooring, C2, hiding the traffic, lateral movement, detection, etc).
Also CTF problems might be super specific, to the extent of being unlikely to be encountered in a real world. The real world is a bit different - a lot of systems have same old boring issues. On the flip side when dealing with 0-days in stuff like modern browsers you are likely to exceed the level of complexity of even top CTF pwn challenges - mostly due to the aforementioned time constrain in CTFs.
That said, a lot of technical skills would be transferable between both areas. Regardless which way one would switch, there would still be a decent amount of learning (e.g. learning the CTF metagame, learning to think beyond getting a shell).
CTF challenges typically do not involve zero days as their intended solution, due to time constraints. Often they will inject a vulnerability into e.g. Chromium by patching it in a way that might approximate a real bug, then hand you the patch so you save the weeks, months it takes to find stuff like this normally. So from there it becomes purely a test of being able to exploit the bug, although still your constraints are a bit different as you can be loud and only really need to succeed once when an actual state-level actor will want something better than that. But again, this is a result of time constraints.
Also a lot of the time they are they can be the same people. Just one set of targets for your day job, one set of targets for fun at the CTF. (and the ctf challenges are probably easier)!
The first comment explains why they didn’t win one competition in 2014:
2022-07-23 18:58:31 = -ENOCHEAT
> I also saw once a player trying to swipe a piece of paper with configuration (user/password) details of another team on an Attack&Defense style CTF. They were caught in the act and their team got some penalty for it.
We did exactly that at the Nuit du Hack CTF finals in 2014 to snatch the win against you folks (Dragon Sector). Since there was a flag specifically designed around shoulder surfing (taped to the network switch on each team's table) we asked organizers whether swiping the config credentials was fair game, and they said it was completely fine. Absurd, but hey, I don't make the rules :)
Until 2020 they were almost always around top3 and a few times top1 teams in the world according to https://ctftime.org/
but in 2021/2022 I don't see them