Node.js announced its security bug bounty program is being paused due to the discontinuation of external funding from the Internet Bug Bounty program, though security reporting and triage remain unchanged.
Node.js Security Bug Bounty Program Paused Due to Loss of Funding
Node.js announced its security bug bounty program is being paused due to the discontinuation of external funding from the Internet Bug Bounty program, though security reporting and triage remain unchanged.
Source: Nodejs