Update README.md with kbds and what to do if you find a vulnerability

README.md

@@ -98,7 +98,11 @@ to file an issue on our GitHub repository:
 Make sure to fill in the information that is requested in the issue template as it
 will help us investigate the problem more quickly.
 
-> Note To automatically create a bug report from within the extension run the *"Report a problem on GitHub"* command. Some basic information about your instance and powershell versions will be collected and inserted into a new GitHub issue.
+To automatically create a bug report from within the extension, open the Command pallet (<kbd>Ctrl</kbd>/<kbd>Cmd</kbd>+<kbd>Shift</kbd>+<kbd>P</kbd>) and run the *"Report a problem on GitHub"* command. Some basic information about your instance and powershell versions will be collected and inserted into a new GitHub issue.
+
+NOTE: If you believe that there is a security vulnerability in the PowerShell extension for VSCode,
+it **must** be reported to [[email protected]](https://technet.microsoft.com/security/ff852094.aspx) to allow for [Coordinated Vulnerability Disclosure](https://technet.microsoft.com/security/dn467923).
+**Only** file an issue, if [email protected] has confirmed filing an issue is appropriate.
 
 ### 2. Capture verbose logs and send them to us
 
@@ -115,6 +119,8 @@ that, zip up the logs in the corresponding folder for your operating system:
 - **Windows**: `$HOME\.vscode\extensions\ms-vscode.PowerShell-<CURRENT VERSION>\logs`
 - **Linux and macOS**: `~/.vscode/extensions/ms-vscode.PowerShell-<CURRENT VERSION>/logs`
 
+Alternatively, you can open the log folder using the Command pallet (<kbd>Ctrl</kbd>/<kbd>Cmd</kbd>+<kbd>Shift</kbd>+<kbd>P</kbd>) and running the *"Open powerShell Extension Logs Folder"* command.
+
 You have two options for sending us the logs:
 
   1. If you are editing scripts that contain sensitive information (intellectual property,