Update SECURITY.md (EVerest#206)

Mention new security reporting mailinglist and GitHub security vulnerability reporting

Signed-off-by: Kai-Uwe Hermann <[email protected]>

SECURITY.md

@@ -2,23 +2,17 @@
 
 ## Supported Versions
 
-Since the beginning of 2023 we are releasing versions of EVerest in a monthly cadence, the specifics of this release process are outlined in [RELEASE.md](RELEASE.md).
-
-At the moment we only support the most recent release of EVerest with (security) updates.
-
-| Version | Supported          |
-| ------- | ------------------ |
-| 2023.3.0   | :white_check_mark: |
-| 2023.2.1   | :x:                |
-| 2023.2.0   | :x:                |
-| 2023.1.0   | :x:                |
+Since the beginning of 2023 we are releasing versions of EVerest in a monthly cadence, with additional stable releases every 3 months. The specifics of this release process are outlined in [RELEASE.md](RELEASE.md).
 
 ## Reporting a Vulnerability
 
 If you found a vulnerability, we are super keen and grateful to get the details. Please use this private mailing list to let us know:
-https://lists.lfenergy.org/g/everest-tsc
+everest-security@lists.lfenergy.org
 
-Please DON'T use the publicly visible issue reporting functionality from github!
+Please DON'T use the publicly visible issue reporting functionality from GitHub!
+Alternatively you can use the "Report a vulnerability" feature on Github
+which should be enabled in all repositories.
+For example for everest-core you can find this here: https://github.com/EVerest/everest-core/security
 
 We try to monitor this list and respond every working day, but in in initial respond time should not go beyond 7 days.
 Please provide us with your estimation of the severity of your finding. Every other information on how to exploit it as well as everything else you could provide is helpful, please also  orient yourself on our questionary for non security related issue reporting: https://github.com/EVerest/everest/issues/new?assignees=&labels=&template=bug_report.md&title=