Poloniex views the security of our customers as our top priority so we have created a program that allows people to report security issues directly to our team.
We collect this information via our HackerOne bug bounty program. Besides being a better forum for discussing these types of issues, using HackerOne allows us to reward you for finding serious security problems. As this program is invitation-only, we'll need to know your HackerOne username to invite you. If you don't have a HackerOne account, you can easily create one on the hacker registration page: https://hackerone.com/users/sign_up
You can email security-report@poloniex.com to get an invitation to our HackerOne bug bounty program.