In March 2025, Maksim Moroz focused on enhancing the security vulnerability reporting process for the lynx-family/lynx repository. He updated the SECURITY.md documentation using Markdown to remove the HackerOne submission link, instead directing all vulnerability disclosures to a dedicated security email address. This change consolidated intake channels and provided explicit guidance on the Bug Bounty program, including details about potential rewards to encourage responsible reporting. The work was delivered as a targeted commit, reflecting a methodical approach to documentation and governance. While the scope was limited to a single feature, the update improved clarity and streamlined the project’s security posture.