# Security Policy

## Reporting a Vulnerability

Preferably, please contact [@tommy:arcticfoxes.net](https://invite.arcticfoxes.net/#/@tommy:arcticfoxes.net) and/or [@wj25czxj47bu6q:arcticfoxes.net](https://invite.arcticfoxes.net/#/@wj25czxj47bu6q:arcticfoxes.net) on [Matrix](https://joinmatrix.org). If ArcticFoxes is down for any reason, wj25czxj47bu6q's backup account [@wj25czxj47bu6q:matrix.org](https://matrix.to/#/@wj25czxj47bu6q:matrix.org) may be used instead. _Direct messages should be end‑to‑end encrypted by default in most Matrix clients._

Alternatively, please email [tommy@privsec.dev](mailto:tommy@privsec.dev). An OpenPGP key for email encryption will be made available upon request.