Update SECURITY.md (#27)

Author: kingjia90

SECURITY.md

@@ -2,19 +2,21 @@
 
 ## Reporting a Vulnerability
 
-If you think that you have found a security issue,
-don’t use the bug tracker and don’t publish it publicly.
-Instead, all security issues must be reported via 📫 to [[email protected]](mailto:[email protected]).
+If you think that you have found a security issue, 
+don’t use the bug tracker and don’t publish it publicly. 
+Instead, all security issues must be reported via a private vulnerability report.
+
+Please follow the [instructions](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) to submit a private report.
 
 
 ## Resolving Process
-Every submitted security issue is handled with top priority by following these steps:
+Every submitted security issue is handled with top priority by following these steps: 
 
 1. Confirm the vulnerability
 2. Determine the severity
 3. Contact reporter
 4. Work on a patch
 5. Get a CVE identification number (may be done by the reporter or a security service provider)
-6. Patch reviewing
+6. Patch reviewing 
 7. Tagging a new release for supported versions
-8. Publish security announcement
+8. Publish security announcement