Revise SECURITY.md for supported versions and reporting

SECURITY.md

@@ -0,0 +1,37 @@
+# Security Policy
+
+## Supported Versions
+
+The following table outlines which versions of PyWebIO are currently receiving security updates. We recommend all users upgrade to a supported version to ensure their applications remain secure.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 1.8.x   | :white_check_mark: |
+| 1.7.x   | :x:                |
+| 1.4.x   | :white_check_mark: |
+| < 1.4   | :x:                |
+
+---
+
+## Reporting a Vulnerability
+
+We take the security of PyWebIO seriously. If you believe you have discovered a security vulnerability, please help us fix it by reporting it responsibly.
+
+### How to Report
+Please **do not** open a public GitHub issue for security vulnerabilities. Instead, please report any security concerns via the following method:
+
+* **Email:** [Insert Maintainer Email Here]
+* **GitHub:** You can also use [GitHub Private Vulnerability Reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability) if enabled for this repository.
+
+### What to Include in Your Report
+To help us triage and fix the issue quickly, please include:
+1. **Description:** A detailed description of the vulnerability.
+2. **Version:** The version of PyWebIO where the issue was found.
+3. **Reproduce:** A Proof of Concept (PoC) script or step-by-step instructions to reproduce the behavior.
+4. **Impact:** What an attacker could achieve (e.g., XSS, RCE, or Data Leakage).
+
+### Our Commitment
+* **Acknowledgement:** We will acknowledge receipt of your report within 48-72 hours.
+* **Triage:** We will keep you updated as we investigate and validate the findings.
+* **Fix:** Once confirmed, we will work on a patch and coordinate a disclosure date.
+* **Credit:** We value the work of security researchers and will provide credit in the release notes if desired.