Snyk has taken over responsibility for the Node.js ecosystem's vulnerability disclosure program, which was previously managed by the OpenJS Foundation. As a company that has been involved in this program since its inception and has created its own multi-ecosystem disclosure program, Snyk is honored to have been entrusted with this new role. The program aims to promote responsible vulnerability disclosure, helping researchers disclose vulnerabilities safely while reducing noise for maintainers. The handover process involves reporters resubmitting their disclosures to Snyk, which will then verify and triage the reports before publishing them in its public database and issuing a CVE. Due to privacy concerns, the Node.js project will not pass on contact details of reporters to Snyk directly, making this an opt-in only process. Snyk plans to continue investing in the disclosure program to make it more efficient and helpful for both reporters and maintainers.