Send pgp encrypted and signed email with a subject line that starts with [Security] to latent@empiresec.co

We will assess the vulnerability and reply back usually in 24 hours, you should give us atleast a week before publicising the disclosure.