feat: update SECURITY.md with project-specific security policy

[aramb-dev]

• Customize security policy for Da'wah website project
• Add appropriate reporting procedures for Islamic educational platform
• Include relevant scope and supported versions for website project
• Add contact information and response timelines

Pull Request type

Please check the type of change your PR introduces:

• Bugfix
• Feature
• Code style update (formatting, renaming)
• Refactoring (no functional changes, no API changes)
• Build-related changes
• Documentation content changes
• Other (please describe):

What is the current behavior?

Issue Number: N/A

What is the new behavior?

Does this introduce a breaking change?

• Yes
• No

Other information

[Copilot]

Pull Request Overview

This PR introduces a project-specific security policy for the Da’wah website, detailing supported versions, scope, reporting procedures, timelines, best practices, and contact channels.

• Add SECURITY.md with site information and support status
• Define vulnerability reporting methods and response SLAs
• Document dependencies, contributor/user best practices, and contact links

Comments suppressed due to low confidence (3)

SECURITY.md:5

• The project name appears as “Dawah” here but is spelled “Da'wah” elsewhere (e.g., PR title). Standardize the name throughout the document.

The Dawah website (https://dawah.mtws.org) is an Islamic educational platform maintained by Markaz Tawheed Was-Sunnah (MTWS). This security policy outlines how we handle security concerns for our website and codebase.

SECURITY.md:15

• [nitpick] The term “Previous commits” is vague. Consider clarifying which branches or tags are supported versus deprecated.

| Previous commits        | ❌ Not supported           |

SECURITY.md:93

• [nitpick] Listing “Various JavaScript libraries” is too generic. Consider enumerating the key libraries and their versions or linking to a maintained dependency manifest.

- Various JavaScript libraries