Hi;
I have a suggestion: Add a security.txt file to all Wikimedia Foundation projects.
For example: https://www.mediawiki.org/.well-known/security.txt & https://he.wikipedia.org/.well-known/security.txt.
This is important because in the current situation if a security researcher wants to report a security breach he should look for [[foundationsite:about/contact/|us]] himself, instead of us being easy on him - for our benefit.
What do you think? 🙂