The EOSIO Bug Bounty is ongoing and accepts submissions as vulnerabilities are identified. If you find a security issue, send your submission through the HackerOne Block.one Program site.