doc: remove reference to obsolete security program

The ecosystem security program via HackerOne is no longer a thing.
Remove mention of it from SECURITY.md.

PR-URL: #42144
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>

SECURITY.md

@@ -22,14 +22,7 @@ the HackerOne platform. See <https://hackerone.com/nodejs> for further details.
 ## Reporting a bug in a third party module
 
 Security bugs in third party modules should be reported to their respective
-maintainers and should also be coordinated through the Node.js Ecosystem
-Security Team via [HackerOne](https://hackerone.com/nodejs-ecosystem).
-
-Details regarding this process can be found in the
-[Security Working Group repository](https://github.com/nodejs/security-wg/blob/HEAD/processes/third_party_vuln_process.md).
-
-Thank you for improving the security of Node.js and its ecosystem. Your efforts
-and responsible disclosure are greatly appreciated and will be acknowledged.
+maintainers.
 
 ## Disclosure policy